SPF
Sender Policy Framework (SPF) is an open standard for authenticating email that was originally developed by AOL. SPF attempts to ensure that the IP address from which a message was sent is approved to send email by a domain’s owner.
Imagine you own the domain example.com
. You also have an email server that uses the IP address 127.0.0.1
. You may use an SPF record to designate this IP address, 127.0.0.1
, as the only IP allowed to send email using an example.com
email address. When an email server receives a message from sender@example.com
, it can check the IP address that delivered the message. If the IP is anything other than 127.0.0.1
, the SPF check will fail, informing the receiving server that the message is from an unauthorized source.
SPF Records
An SPF record is implemented using a TXT DNS record. The TXT record has several values, the first being v=spf1
. This first value indicates that the TXT record is a version 1 SPF record.
The remaining mechanisms in an SPF record are "INCLUDE," "A," "MX," "IP4 and IP6," and "REDIRECT." These mechanisms specify either an approved IP address directly or a domain that will resolve to an IP address.
SPF is one of several effective ways to check an email’s legitimacy, and this article provides only a brief overview. For more information about SPF, see SPF Records Explained.