DMARCLY Blog

Everything about SPF, DKIM, DMARC, email security and deliverability

Introduction to SPF

What is SPF

Sender Policy Framework (SPF) is an email authentication mechanism which alllows only authorized senders to send on behalf of a domain, and prevents unauthorized users from doing so. SPF allows the receiver to check that an email claiming to come from a specific domain indeed comes from an IP address authorized by that domain's administrators.

For example, when a mail server owned by a malicious scammer tries to send an email to your mailbox, claiming the email is from trustedbank.com, and asks you for important, confidential information, it poses a serious security problem to your email service provider and you. If your email server doesn't perform any security check, this email lands right into your mailbox and might cause a financial loss.

SPF can put a stop to this. Here is how it works: assuming SPF has been set up on your email server's end, and the scam server has an IP address of 1.2.3.4. When the scam server connects to your email server, you email server will check the incoming IP address to see if it's listed in the domain's SPF record published in the DNS. If the IP address is listed, the SPF check passes, otherwise not.

Think of the SPF record as a whitelist of legitimate IP addresses, and only when an incoming email is from one of the IP addresses, SPF gives a green light.

Build Your DMARC Record in 5 Minutes How To Deploy DMARC In 3 Easy Steps
Blog Comments powered by Disqus.