ColdMailServer
Infrastructure

Works with your existing forwarding setup.

Natively processes email forwarding rules without breaking SPF/DKIM key alignment or failing receiver DMARC verification policies.

app.coldmailserver.com
Routing Rules & SRS settingsActive & Aligned
inbound@outbounddomain.com→ Forwards to: mycrm-inbox@hubspot.com
SRS Applied
sales@outbounddomain.com→ Forwards to: primary-inbox@mycompany.com
SRS Applied
Active MX forwarding rules config

How Sender Rewriting Scheme (SRS) protects alignment

Email forwarding is a common practice in outbound sales. However, simple forwarding breaks SPF validation. When our server receives a message from `prospect@target.com` and forwards it to your `main@mycompany.com` inbox, the receiving server checks our server's IP against `target.com`'s SPF records. This check fails, triggering spam filters.

Cold Mail Server resolves this natively using Sender Rewriting Scheme (SRS). Our system rewrites the envelope sender address (the Return-Path) to point to our authorized domain, preserving SPF validation checks.

Simultaneously, we maintain DKIM signature headers, ensuring your inbound reply flows preserve validation compliance and land in your target CRM inbox.

app.coldmailserver.com
# cat /var/log/mail.srs.log
Jun 30 08:14:10 srs-filter[1502]: incoming envelope-from=<prospect@target.com>
Jun 30 08:14:11 srs-filter[1502]: translated envelope-from=<SRS0=hAsH=tAg=target.com=prospect@srs.coldmailserver.com>
Jun 30 08:14:12 srs-filter[1502]: DKIM signature validation status: PASS
Jun 30 08:14:13 srs-filter[1502]: forwarded to target address <mycrm-inbox@hubspot.com> (status 250 OK)
Inbound SRS rewriting logs
Workflow

How Sender Rewriting Scheme (SRS) works

STAGE 01

Inbound email received

A recipient replies to your campaign mailbox. Our server captures the incoming message.

STAGE 02

SPF envelope translation

Our SRS logic translates the envelope sender to point back to our authorized forwarding hosts.

STAGE 03

Authentication signatures

We wrap the original headers while applying aligned SPF/DKIM keys to verify source integrity.

STAGE 04

Target delivery

The translated mail lands in your main HubSpot/Slack/Gmail destination with validation intact.

Technical Specifications

Forwarding Protocols & Limits

Feature CapabilityStarter TierScale TierAgency Tier
Sender Rewriting Scheme (SRS)AutomaticAutomaticAutomatic
Custom Target RulesUp to 5 / domainUnlimitedUnlimited
Forwarding WebhooksNoYes (Standard JSON)Yes (Secure HMAC)
Catch-All Address RoutingYesYesYes

Forwarding FAQs

Why does normal forwarding break SPF?

SPF defines which IPs are allowed to send mail on behalf of a domain. Simple forwarding doesn&apos;t change the Return-Path. When your inbox receives the forwarded mail, it sees our server IP sending as `prospect.com`, failing validation.

What does SRS do?

SRS (Sender Rewriting Scheme) rewrites the Return-Path to use our authenticated forwarding domain. This allows your final destination server to pass SPF validation checks cleanly.

Can I forward directly to HubSpot or Salesforce?

Yes. Using SRS, the forwarded emails land cleanly in your CRM&apos;s inbound logging boxes. You can also configure Webhooks on the Scale/Agency plans.

Do I need to migrate my MX records?

No. You can configure forwarding patterns alongside your existing domain setup without changing your main MX records.

0%SRS Validation Compliance
0DNS Migrations Required
< 0 minsRule Propagation Latency

Preserve your existing workflow

Run outbound campaigns without changing how your CRM collects responses.

Start TrialExplore Unibox