My First SPF Record

SPF, which stands for Sender Policy Framework, is one tool in the fight against e-mail spam and phishing (forged mail that attempt to trick people into turning over valuable information, like bank account numbers and passwords). It helps establish that email that is appearantly from a particular domain was sent via a server approved to send mail from that domain.

This helps with phishing e-mails by helping to establish whether a piece of e-mail appearantly sent by your bank (or PayPal, or eBay, etc) was actually sent via an approved server.

It helps fight spam in a few ways. First of all, a lot of spam, including phishing email, is sent using forged addresses. SPF helps email spam-filters identify mail with forged senders, which may be a hint that a given peice of email might be spam.

Similarly, the absense of any sort of approved sending mailserver for a given domain is a hint that a given email might be spam. Spammers can create SPF records for the mailservers they use, but that means they have to send mail using domain names they control, which makes it easier to track down the people responsible for illegal spam and pursue them in the civil and criminal courts.

The presence of a legitimate SPF record for a given e-mail doesn’t necessarily mean the message is legitimate and the absense of one doesn’t mean its spam, but both provide additional information to help determine whether a given message is legitimate or bogus.

There are lots of competing approaches to sender verification, and the big ISPs are still fighting with eachother for supremacy. All I know is that Google has started to use SPF records in the spam filters for Gmail while AOL and Hotmail are validating their mailservers with SPF.

I’ve done the same for My “DNS host”: advertises support for SPF records with their custom DNS. This is true, happily, though they don’t give any explanation on how to create one. Fortunately, I found this handy “SPF record creation wizard”: to help walk me through the process.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.