What is SPF

SPF stands for Sender Policy Framework. This is a mechanism that allows receiving email servers to check that an email originated from an email server authorised to send emails on behalf of an organisations domain name. However, SPF does not make any checks on the From: field presented to the end user. So using SPF on it's own will not prevent spoofing of the From: address.

How is it implemented?

To use SPF - you add a TXT record to your domain's zone file, like this simple example:

"v=spf1 ip4:192.0.2.0 -all"

v=spf1  the version of spf used

ip4:192.0.2.0  the ip4 address of the mail server permitted to send emails for this domain

-all  this specifies that if the email did not originate from the server with 192.0.2.0 address it should be rejected

In the following email header section, you can see that the receiving email server has performed a DNS lookup on the domain example.net . and has confirmed that the sender's IP address 192.0.2.0 is permitted to send emails on behalf of the example.net domain name.

Authentication-Results: cloud2.receiving-domain.co.uk;

spf=pass (sender IP is192.0.2.0) smtp.mailfrom=mailbox1@example.net smtp.helo=mail-f178.examplemail.com

Received-SPF: pass (cloud2.receiving-domain.co.uk: domain of example.net designates 192.0.2.0 as permitted sender)

Related Articles