What is SPF?
SPF stands for Sender Policy Framework. It is a mechanism that allows receiving email servers to check that an email originated from an email server authorised to send emails on behalf of an organisation's domain name. However, SPF does not make any checks on the From: field presented to the end user, so using SPF on its own will not prevent spoofing of the From: address.
How is it implemented?
To use SPF, you add a TXT record to your domain's zone file, like this simple example:
"v=spf1 ip4:192.0.2.0 -all"
v=spf1          the version of SPF used
ip4:192.0.2.0   the IPv4 address of the mail server permitted to send emails for this domain
-all            specifies that if the email did not originate from the server with the 192.0.2.0 address, it should be rejected
In the following email header section, you can see that the receiving email server has performed a DNS lookup on the domain example.net and has confirmed that the sender's IP address 192.0.2.0 is permitted to send emails on behalf of the example.net domain name.
Authentication-Results: cloud2.receiving-domain.co.uk;
 spf=pass (sender IP is 192.0.2.0) smtp.mailfrom=mailbox1@example.net
 smtp.helo=mail-f178.examplemail.com
Received-SPF: pass (cloud2.receiving-domain.co.uk: domain of example.net
 designates 192.0.2.0 as permitted sender)
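The SPF result in these headers applies to the smtp.mailfrom domain, not to the From: field the user sees. The Python below is an added example, not part of the original page: it reads the Authentication-Results header and compares the domain SPF validated with the From: domain. The From: and Subject: values in the sample, the function names and the exact-match comparison are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the SPF headers are the ones shown above; the From: and
# Subject: lines are constructed, with From: naming a different domain.
SAMPLE = """\
Authentication-Results: cloud2.receiving-domain.co.uk;
 spf=pass (sender IP is 192.0.2.0) smtp.mailfrom=mailbox1@example.net
 smtp.helo=mail-f178.examplemail.com
Received-SPF: pass (cloud2.receiving-domain.co.uk: domain of example.net
 designates 192.0.2.0 as permitted sender)
From: "Accounts" <accounts@example.org>
Subject: constructed test message

body
"""

def domain_of(address):
    """Return the lower-cased domain part of an address (or bare domain)."""
    return address.rpartition("@")[2].strip().lower().rstrip(".")

def spf_alignment(raw_message):
    """Report the SPF result, the domain SPF checked, and the From: domain."""
    msg = message_from_string(raw_message)
    # Unfold the header: continuation lines are joined with single spaces.
    auth = " ".join(msg.get("Authentication-Results", "").split())
    result = re.search(r"\bspf=(\w+)", auth)
    mailfrom = re.search(r"\bsmtp\.mailfrom=([^\s;]+)", auth)
    spf_domain = domain_of(mailfrom.group(1)) if mailfrom else ""
    from_domain = domain_of(parseaddr(msg.get("From", ""))[1])
    return {
        "spf": result.group(1).lower() if result else "none",
        "spf_domain": spf_domain,
        "from_domain": from_domain,
        # Exact string match between the two domains (assumption of this example).
        "aligned": bool(spf_domain) and spf_domain == from_domain,
    }

if __name__ == "__main__":
    report = spf_alignment(SAMPLE)
    print(report)
    if report["spf"] == "pass" and not report["aligned"]:
        print("SPF passed for", report["spf_domain"],
              "but the From: field shows", report["from_domain"])
```

Only trust an Authentication-Results header added by your own receiving server; copies already present on an inbound message should be ignored.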