Thomas Hajdukowicz


Definition of SPF (Sender Policy Framework)

Sender Policy Framework (SPF) is an e-mail validation system designed to prevent e-mail spam by detecting e-mail spoofing, a common vulnerability and threat, by verifying the sender's IP address. SPF allows administrators to specify which hosts are allowed to send mail from a given domain by creating a particular record in the Domain Name System (DNS). Mail exchangers use DNS to check whether mail from a given domain is being sent by a host sanctioned by that domain's administrators.

How to handle SPF

What is an SPF record?

The SPF record in DNS

An SPF record is a TXT record, part of a domain's name service, that lists the hostnames and IP addresses authorized to send e-mail on behalf of your domain. When a domain publishes an SPF record, spammers are less likely to forge e-mails pretending to be from that domain, because the forged e-mails are more likely to be caught by spam filters that check the record. Hence, an SPF-protected domain is much less attractive to spammers. Because an SPF-protected domain is less attractive as a spoofed address, it is less likely to get blacklisted by spam filters, so the e-mail it sends is more likely to get through.

Compliance and Sender Policy Framework policy

Compliance with SPF consists of three interrelated tasks. The first task is to publish a policy. Domains and hosts identify the machines that are authorized to send e-mail on their behalf. They do this by adding records to their existing DNS information; every domain name or host that has a record must have an SPF record, specifying the policy whether it is used as HELO argument or an e-mail record. Validating the SPF record is highly recommended and can be done through testing tools provided on the Project webpage.

Why is checking SPF important?

The next task is to check and use SPF information. Receivers use ordinary DNS queries, which are cached to enhance performance, then interpret the SPF information as specified and act on the result. The last task is to revise mail forwarding. Plain mail forwarding is not allowed by Sender Policy Framework. The alternatives in this case are: re-mailing, i.e. replacing the original sender with one belonging to the local domain; refusing; whitelisting, so that the receiver will not refuse a forwarded message; and the Sender Rewriting Scheme, a complicated mechanism that handles routing non-delivery notifications to the original sender.

SPF has many potential advantages beyond helping to identify unwanted mail. If a sender provides SPF information, receivers can use SPF PASS results in combination with a whitelist to identify known reliable senders.

Check more on our senders and domains documentation about SPF and DKIM validation.