2021-10-30 21:23

Short explanation of SPF

What is SPF and what is it used for?

SPF stands for Sender Policy Framework and it protects domain owners and users from receiving mails from a mail server which isn't allowed to send for a domain. It works like this: When a mail server receives a transmition of an email it sees from which domain it is from. If there is a mail from mail@example.com, then the domain is example.com. Now the receiving mail server checks the DNS (Domain Name System) for a record saying that the sending server is allowed to send the email for this domain. If it is allowed to send email for that domain, the receiving mail server accepts the mail. If it is not allowed then the mail is discarded or at least gets a higher spam score.

A SPF record might look like this:

microschrott.com.       600     IN      TXT     "v=spf1 +a +ip4: +mx -all"

It says that mail for the domain microschrott.com are beeing sent from the subnet and the receiving mail server (mx) is allowed to send mail, too. Other IPs are denied.

The result: only the domain owner or the mail servers which were permitted are allowed to send mails for a domain with a SPF record.

This is not a technique against spam or phishing in general, but it plays a role in spam and phishing mail reduction.

Contents © 2023 Selmar