Sender Policy Framework (SPF)

Sender Policy Framework (SPF) is an extension to the Simple Mail Transfer Protocol (SMTP). SPF allows software to identify and reject forged addresses in the SMTP MAIL FROM (Return-Path), a typical nuisance in e-mail spam.

The two direct benefits of SPF I found are:

  1. Ensuring a spammer/virus/trojan cannot send emails using your email address in the FROM field of the email.
  2. Getting legitimate emails through the junk filters of Hotmail (and others, of course) without being detected as spam.

Setting up an SPF record

Here is an SPF record template for strict checking. For softfail, use "~all" instead.

v=spf1 a mx ptr ip4:<DomainIP> -all

Replace 'DomainIP' with the IP address of whatever you're setting this record up for. It can also be a range in CIDR format.
You can read more about the rest of the SPF record syntax at OpenSPF.org.

Now, when recipients of email from your domain have their SPF checking set to deny all mail that doesn't match this SPF record, they should only receive genuine emails from your domain.
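
How a receiving server evaluates the template above, as an added example (not part of the original post): a Python sketch that walks the record left to right and returns the SPF result for a connecting IP. The IPs are constructed documentation addresses, and the `resolved` dict is a hypothetical stand-in for the DNS lookups behind "a" and "mx"; "ptr" is not evaluated.

```python
import ipaddress

# Qualifier prefix -> SPF result (RFC 7208); no prefix means "+" (pass).
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed sample records based on the template, using a CIDR range.
STRICT = "v=spf1 a mx ptr ip4:192.0.2.0/24 -all"
SOFT = "v=spf1 a mx ptr ip4:192.0.2.0/24 ~all"
# Constructed stand-in for what DNS would return for the domain's A and MX hosts.
DNS = {"a": ["198.51.100.5"], "mx": ["198.51.100.25"]}


def check_spf(record, sender_ip, resolved=None):
    """Evaluate an SPF TXT record against a connecting IP, left to right.

    `resolved` (hypothetical helper input) maps "a" and "mx" to the
    addresses a real checker would look up. "ptr" never matches here
    because it needs reverse DNS.
    """
    resolved = resolved or {}
    ip = ipaddress.ip_address(sender_ip)
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # not an SPF record at all
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name == "all":
            matched = True  # catch-all: its qualifier decides the outcome
        elif name in ("ip4", "ip6"):
            # strict=False accepts a bare address or a CIDR range
            matched = ip in ipaddress.ip_network(value, strict=False)
        elif name in ("a", "mx"):
            addrs = resolved.get(name, [])
            matched = any(ip == ipaddress.ip_address(a) for a in addrs)
        else:
            matched = False  # ptr, include, modifiers: outside this sketch
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"  # nothing matched and the record has no "all" term


if __name__ == "__main__":
    for rec in (STRICT, SOFT):
        for addr in ("192.0.2.77", "198.51.100.25", "203.0.113.9"):
            print(rec.split()[-1], addr, check_spf(rec, addr, DNS))
```

The only difference between the two records is the last term: an unlisted sender gets "fail" under "-all" and "softfail" under "~all", and it is the receiver's policy that decides whether "fail" means rejection.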

If you are a Plesk user, "Switch on SPF spam protection" and next to 'SPF checking mode' select 'Reject mails when SPF resolves to "fail" (deny)'.

To check the SPF record for a particular domain:

$ dig domain.tld txt
