What is SPF?

SPF stands for Sender Policy Framework. It allows the owner of a domain to specify their email sending policy, e.g. which email servers they use to send email from their domain. SPF requires two sides to play together:

  • the domain owner publishes this information in a TXT record for the domain;
  • when someone else's email server receives a message claiming to come from that domain, the receiving server can check whether the message complies with the domain's stated policy; if the message comes from a server the policy does not list, it can be considered a fake.

An Example Policy

Let's say John owns the domain example.com, and he sends emails from mail.example.com. In order to prevent abuse of the domain from malicious users, he publishes an SPF record on example.com, like this:

example.com. TXT "v=spf1 a:mail.example.com -all"

Basically this SPF record says that "only emails sent from mail.example.com's IP address are considered valid, while all others are considered fake".

Receiver-side Checking

When an email arrives, the receiver checks the IP address of the sending server. If it's the same as mail.example.com's IP address, it passes SPF validation; otherwise it fails.
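The following is an added example, not part of the original article, showing the receiver-side check in code: it parses the SPF record from the example policy above and evaluates a sending IP address against it. DNS is replaced by two constructed in-memory tables (FAKE_DNS_TXT and FAKE_DNS_A) so the code runs offline; the 192.0.2.25 address for mail.example.com and the 198.51.100.7 rogue sender are made-up documentation-range values. Beyond the "a:" and "-all" terms used on this page, the evaluator also understands the "ip4:" mechanism and the "+", "-", "~" and "?" qualifiers, which are standard SPF syntax.

```python
import ipaddress

# Constructed stand-in for DNS A records (hostname -> addresses).
# A real checker would resolve these with DNS queries.
FAKE_DNS_A = {
    "mail.example.com": ["192.0.2.25"],
}

# Constructed stand-in for DNS TXT records (domain -> SPF record).
# The record text is the policy from the article.
FAKE_DNS_TXT = {
    "example.com": "v=spf1 a:mail.example.com -all",
}

# SPF qualifiers and the result each one yields when its mechanism matches.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def parse_spf(record):
    """Split an SPF record into (qualifier, mechanism, argument) tuples.

    'a:mail.example.com' -> ('+', 'a', 'mail.example.com')
    '-all'               -> ('-', 'all', '')
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF version-1 record")
    parsed = []
    for term in terms[1:]:
        qualifier = "+"  # a term with no explicit qualifier means "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        parsed.append((qualifier, mech.lower(), arg))
    return parsed


def mechanism_matches(mech, arg, sender_ip, domain):
    """Return True if the sending IP matches one SPF mechanism."""
    ip = ipaddress.ip_address(sender_ip)
    if mech == "all":
        return True  # 'all' matches every sender; its qualifier decides
    if mech == "a":
        host = arg or domain  # bare 'a' refers to the domain itself
        return any(ip == ipaddress.ip_address(a) for a in FAKE_DNS_A.get(host, []))
    if mech == "ip4":
        # A mismatched IP version simply does not match the network.
        return ip in ipaddress.ip_network(arg, strict=False)
    raise ValueError(f"unsupported mechanism: {mech}")


def check_spf(sender_ip, domain):
    """Evaluate the sending IP against the domain's SPF record.

    Mechanisms are tested left to right; the first match wins and its
    qualifier is the result. No record -> 'none'; no match -> 'neutral';
    a record we cannot interpret -> 'permerror'.
    """
    record = FAKE_DNS_TXT.get(domain)
    if record is None:
        return "none"
    try:
        for qualifier, mech, arg in parse_spf(record):
            if mechanism_matches(mech, arg, sender_ip, domain):
                return QUALIFIERS[qualifier]
    except ValueError:
        return "permerror"
    return "neutral"


if __name__ == "__main__":
    # Legitimate mail from John's server passes; mail from elsewhere fails.
    print(check_spf("192.0.2.25", "example.com"))     # pass
    print(check_spf("198.51.100.7", "example.com"))   # fail
    print(check_spf("192.0.2.25", "example.org"))     # none
```

The receiver applies this to the connecting server's IP and the domain in the message's envelope sender; a "fail" result on a "-all" policy is the signal that the message did not come from a server the domain owner authorised.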

