SPF

Submitted by furriephillips on Sun, 05/29/2016 - 18:50

Sender Policy Framework (SPF) is a simple system to prevent forgery of the sender's address, by providing a mechanism for domain administrators to define who is authorised to send mail from their domain.

The list of authorized hosts is published in the Domain Name System (DNS) records for that domain, in the form of a specially formatted TXT record - here's an exciting example: -

@ IN TXT "v=spf1 mx a include:spf.example.com -all"

Spam, phishing & virus/malware infected mails almost always use a forged sender-address & as SPF is so easy to implement & protects both the sender's reputation and the safety of their customers (from phishing activities), that it's a no-brainer; everyone with a domain, who doesn't want anyone else to forge mail from their domain, should have an SPF record.

There are online tools to help domain administrators to create and check SPF records. These are the ones I'd use if I didn't have access to a Linux command line.