What is SPF

What is SPF?

Overview

SPF stands for Sender Policy Framework. This is a mechanism that allows receiving email servers to check that an email originated from an email server authorised to send emails on behalf of an organisations domain name. However, SPF does not make any checks on the From: field presented to the end user. So using SPF on it's own will not prevent spoofing of the From: address.

How is it implemented?

To use SPF - you add a TXT record to the DNS for your domain name, like this simple example:

"v=spf1 ip4:192.168.10.11 -all"

v=spf1  the version of spf used

ip4:192.168.10.11  the ip4 address of the mail server permitted to send emails for this domain

-all  this specifies that if the email did not originate from the server with 192.168.10.11 address it should be rejected

In the following email header section, you can see that the receiving email server has done a DNS lookup on the domain intuition.net and has confirmed that 209.85.167.178 is permitted to send emails on behalf of the intuition.net domain name.

Authentication-Results: cloud212.unlimitedwebhosting.co.uk;

spf=pass (sender IP is 209.85.167.178) smtp.mailfrom=keith.roberts@intuition.net smtp.helo=mail-oi1-f178.google.com

Received-SPF: pass (cloud212.unlimitedwebhosting.co.uk: domain of intuition.net designates 209.85.167.178 as permitted sender)

Related Links: