Fighting spam: Sender Policy Framework (SPF)
Posted on: July 24, 20089 comments so far (is that a lot?)
For almost as long as there have been emails – spam has been a cause for concern for most. Not only for the targeted individuals, but also for the companies whose brands and addresses have been misused and products sold illegally. This month we turn our focus towards the Sender Policy Framework as a means for domain holders to combat the ever illusive problem of SPAM.
Introduction
SPF was introduced back in 2005 and has since then become widely used as a means for domain name administrators to defend their domain name(s) from being misused by spammers to send out unconsolidated commercial emails.
How does it work?
Implemented into the DNS TXT record of any given domain name, the SPF record holds a list of addresses, which has been set as valid sender(s) for the given domain name. The recipients mail server can then validate the origin of emails received simply by checking the DNS settings of the senders domain name. Obviously this alone does not guarantee that the emails you send will be cleared by the recipients spam filter. However it should make them a lot less likely to be marked as SPAM.
Example
A company with the domain name test.com wish to configure an SPF record for their domain name. They are using the email server smtp.isp.edu (IP: 123.123.123.123) as their outgoing SMTP-server. Furthermore they have a website application from where they send automated emails to their clients. The web server for this application is located at IP 111.222.111.222.
The SPF record for this setup could look something like this:
“v=spf1 a:smtp.isp.edu ip4:111.222.111.222 -all”
By adding the above record we can tell other mail servers that emails send from @test.com addresses, either via smtp.test.com or via 111.222.111.222, are legitimate emails. Everything else is not and should be dealt with accordingly.
How does this concern me?
Well, SPAM concerns everyone. From a general point of view you can help in the fight against SPAM. The Sender Policy Framework is designed to become increasingly efficient – The more domain names using SPF records, the more ISPs (Internet Service Providers) would be inclined to implement these checks; thus helping everyone.
From your point of view spammers will be less likely to use your domain name as the sender address when they spam. This should reduce/eliminate bounced emails send back to you in response to messages that you did not actually send in the first place as well as any attempt in spoofing activities using your domain name as the sender.
Last but not least, emails that you send will be less likely not to reach their destination. This should be enough of an incentive for any company to consider implementing SPF records in the DNS of domain name.
External resources & links
To learn more about SPF records, try the one of the following sites.
SPF Introduction
Open SPF, Introduction
SPF Common mistakes
Open SPF, Common mistakes
SPF Wizard
Open SPF, Wizard
Wikipedia
Wikipedia, Sender policy framework
Register with the UK’s top domain name & hosting provider, over 10 years exceptional service & technical support.
Related Posts
Website Creator
New Domains
August 19th, 2008 at 2:22 pm
Some more Easily-specific examples might help here…
August 20th, 2008 at 10:55 am
Hi Rob,
Thanks for your comment.
The SPF record would be customized depending of which addresses you would like to block or which servers you would like to accept.
If you want to set up an SPF record easily in a couple of clicks, juts go on http://www.openspf.org and start creating your SPF by filling your domain name in the yellow square at the top right corner. Just follow the steps and it will generate your SPF record.
Once you have it, you can send it to us to support@easily.co.uk with your username and first 3 characters of your password, then our support team will add it for you.
You can also add it yourself to your domain through your control panel by clicking on “D”(domain) and “D” again. From there, just add a new TXT record and paste your SPF record in there. It will then be effective from 4 to 24h.If you need any further assistance in setting up your SPF, do not hesitate to call our free support number: 0800 072 3636.
August 27th, 2008 at 8:39 am
My domain name is registered with Easily but all mail is redirected to a Google email address. I send email via Google, which I think sets them up as ‘from’ a Google address ‘on behalf of’ the Easily address. Does this mean I should publish a NULL SPF record with Easily for my Easily domain name?
August 27th, 2008 at 10:10 am
Hi Steve,
Sending emails from a Gmail account, through your domain name is called spoofing.
By spoofing other email addresses, you are more likely to be blocked by ISPs who can check if the domain name is using proper email servers or email forwarding.
Your solution would be to use an ALL SPF record like below:
“v=spf1 ~all”
It can help in the sending of your emails, but you are also more exposed to the risk of being spoofed yourself.
The most annoying situation is when a spammer is using your email address to spoof and spam thousands of random addresses, because you are the one receiving the thousands bouncing back messages.
Hope it would help you understanding a bit more what are Spoofing and SPF records.
August 30th, 2008 at 2:21 pm
Hi. I’m trying to go through the process of setting up an SPF record, but it’s asking me questions that I don’t understand, such as:
This wizard found 2 names for the MX servers for suehutton.co.uk: easymx2.easily.co.uk and rhea.easily.co.uk. (A single machine may go by more than one hostname. All of them are shown.)
MX servers receive mail for suehutton.co.uk.
Do they also send mail from suehutton.co.uk?
Do any other servers send mail from suehutton.co.uk?
You can describe them by giving “arguments” to the a:, mx:, ip4:, and ptr: mechanisms. mx: takes domain names and approves all the MX servers of these domains. To keep the wizard short we left out ptr:, but it works analogously.
Could mail from suehutton.co.uk originate through
servers belonging to some other domain?
If you send mail through your ISP’s servers, and the ISP has published an SPF record, name the ISP here. [include:]
Do the above lines describe all the hosts
that send mail from suehutton.co.uk?
I’d really like some help in understanding how I should answer these questions.
Thanks for the headsup on SPF though.
September 1st, 2008 at 9:37 am
Hi Sue,
With your Easily email account, you have to use our MX records (easymx2.easily.co.uk and rhea.easily.co.uk), and only our MX records. Sometimes, people add a 3rd server as a back up service, to make sure that if the first 2 go down, the 3rd one take the relay.
In your situation, you only have our 2 MX records, so to the question “Do any other servers send mail from suehutton.co.uk?” the answer is “No”.
Same answer for “Could mail from suehutton.co.uk originate through servers belonging to some other domain?”, “No”
And for “Do the above lines describe all the hosts that send mail from suehutton.co.uk?” the answer is “yes” (meaning easymx2.easily.co.uk and rhea.easily.co.uk).
I hope that will help.
November 5th, 2008 at 3:01 pm
Sounds good in theory but not looking forward to setting it up as I’mm not too hot on the jargon,in novice stage how long do you think it would take?
Cheers Lucy
April 4th, 2010 at 3:24 pm
thanks for the excellent post very informal and helped me a lot
April 5th, 2010 at 9:54 pm
I have had difficulties opening this post using my iphone safari, why?