SPF Record

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 3

. SPF RECORD .

1. What is SPF record?

An SPF record identifies the mail servers and domains that


are allowed to send email on behalf of your domain.
Receiving servers check your SPF record to verify that
incoming messages are send from the particular user.

2.How do SPF records work?

It establishes a method for receiving


mail servers to verify that incoming email from a
domain was sent from a host authorized by that
domain’s administrators. It piggybacks on the
well-established Domain Name System (DNS). In
general terms, the process works like this:

1. A domain administrator publishes the


policy defining mail servers that are authorized to send email from
that domain. This policy is called an SPF record, and it is listed as
part of the domain’s overall DNS records.

2. When an inbound mail server receives an incoming email, it looks up


the rules for the bounce (Return-Path) domain in DNS. The inbound
server then compares the IP address of the mail sender with the
authorized IP addresses defined in the SPF record.

3. The receiving mail server then uses the rules specified in the
sending domain’s SPF record to decide whether to accept, reject, or
otherwise flag the email message.

3.Why should company add an SPF record to their domain?

SPF helps protect domains against spoofing, and helps to prevent your outgoing
messages from being marked as spam by receiving servers. SPF specifies the mail servers
that are allowed to send email for your domain, if the mail didn’t pass in spf record then the
mail will be marked as a spam mail , it helps the user to identify the mail whether it is from
the original side or spam.
4.SPF implementation:

Spf implementation allows the owner of a domain to specify which mail servers they use to send
mail from that domain. A company sending email publishes an SPF record in the Domain Name
System . The record lists which IP addresses are authorized to send email on behalf of their domain.
To turn on Sender Policy Framework for your domain, add a Domain Name System (DNS) TXT record
at your domain provider. Keep in mind: The field names in these steps might be different for your
domain provider. DNS TXT record field names vary for domain providers.

Some steps to implement spf:


Step 1: Gather IP addresses used to send email.
The first step to implement SPF is to identify which
mail servers you use to send email from your
domain. ...

Step 2: Make a list of your sending domains. ...

Step 3: Create your SPF record. ...

Step 4: Publish your SPF to DNS. ...

Step 5: Test!

5.How does the SPF record syntax work?

Mechanisms:

It can be used to describe the set of hosts which are designated outbound mailers for the
domain and can be prefixed with one of four qualifiers:
+ Pass

~ SoftFail

- Fail

? Neutral

If a mechanism results in a hit, its qualifier value is used. The default qualifier is “+“, i.e. “Pass”.
Mechanisms are evaluated in order. If no mechanism or modifier matches, the default result is
“Neutral”.
More in-depth information on the differences between “~” and “–” can be found here

If a domain has no SPF record at all, the result is “None”. If a domain has a temporary error during
DNS processing, you get the result “TempError” (called “error” in earlier drafts). If a syntax or
evaluation error occurs

REFERENCE:
1.SPF record:

( https://support.google.com/a/answer/10683907?hl=en )

2. SPF records work:


( https://www.agari.com/blog/what-is-spf )
3.SPF syntax:

( https://dmarcian.com/spf-syntax-table/ )

You might also like