There are many ways to protect your emails and Sender Policy Framework (SPF) is one of them. SPF is well known and easiest way to protect your company emails from spoofing and spamming.
What is Sender Policy Framework (SPF) ?
It is an email authentication method. which is designed to detect forging sender addresses during the delivery of the email.
How SPF works ?
SPF allows the receiving mail server to check during mail delivery that a mail claiming to come from a specific domain is submitted by an IP address authorized by that domain’s administrators. The list of authorized sending hosts and IP addresses for a domain is published in the DNS TXT records for sending domain.
How to implement Sender Policy Framework (SPF) for your domain
To implement the SPF for your domain you need follow this process:-
- Identify the hosts which are authorized to send out the emails from your company domain.
- SPF record should be in defined format i.e. it should start with “V=spf1” and ends with “~all”.
- Once you are ready with record. Login to your public DNS domain control panel and public this record as TXT for your domain.
So your domain has SPF information published and whenever a servers will accept any email from your domain. That server can query for this record and authenticate if the sending host is allowed in the list or not.
Example SPF record: – v=spf1 +a +mx +ip4:184.108.40.206 ~all
Now the question comes, how to deal with unknown sending hosts which are not listed in SPF record. So SPF also have that information it as last part. It can has following three values:-
~all – Soft Fail or -all – hard Fail or +all – natural
So based on the last part of SPF record. Receiving server can take an action. Identical action can be reject for hard fail. Quarantine for soft fail and natural and notify the recipient.