SPF (Sender Policy Framework) Print

  • 2

An extension of SMTP which stops email spammers from forging the "From" fields in an e-mail. Due to SMTP itself does not have the mechanism to authenticate, SPF provides the authentication scheme by specifying which computers are authorized to send email from a specific domain.

 

To use SPF, the domain sending e-mails must establish an SPF record that is published in DNS records. When e-mail passes through the DNS server, it is compared to the SPF record for that domain to determine if the sender is authorized to send e-mails from that sender's address. If the e-mail comes from a domain that is not authorized, the DNS server will not forward the e-mail to the expected destination.

 

SPF only stops the spammer from forging the "From" field in the e-mail and does not stop the spammer from sending e-mails from a domain in which it is a member.

 

To use SPF, the following standard have been declared.

 

domain.com. IN TXT "v=spf1 include:spf.mschosting.com -all"

 

From the rules, v stand for the version of SPF and currently available for spf1(version 1) only.

 

Eight mechanisms are defined:

 

  • ALL - Matches, used default result like -all
  • A - A record that can be reach.
  • IPv4 - IPv4 address range.
  • IPv6 - IPv6 address range.
  • MX - Mail Exchange record match.
  • PTR - Reverse DNS (Record).
  • EXISTS - If the given domain name resolves to other name.
  • INCLUDE - Include policy.

Was this answer helpful?

« Back

Scroll to Top