Sender Policy Framework (SPF) is an email validation system designed to prevent sender address forgery, and the spam and phishing that rely on it, by verifying the IP address of the sending mail server. SPF allows domain administrators to specify which hosts are authorized to send mail for a given domain. SPF was first published by the Internet Engineering Task Force (IETF) as RFC 4408; the current specification is RFC 7208, which obsoletes it.
How Sender Policy Framework works
At a high level, consider user@abc.com wanting to send an email to user@def.com. The domain abc.com is protected by SPF: its record authorizes only the IP address 1.2.3.4 to send mail on its behalf.
1) The abc.com mail server, with IP address 1.2.3.4, sends a message FROM user@abc.com TO user@def.com. SPF checks the domain of the envelope sender (the SMTP MAIL FROM address), which here is abc.com.
2) The def.com mail server receives the connection and performs a DNS lookup for the TXT records of abc.com, looking for the SPF record.
3) def.com compares the connecting IP address, 1.2.3.4, against the abc.com SPF record.
3.1) If the IP matches an authorized host, the email is accepted (in this case it matches!).
3.2) If it does not, the email is rejected (for a record ending in -all; a record ending in ~all only marks the message as a softfail, and the receiver decides how to treat it).
What happens if someone at IP address 5.6.7.8 spoofs the email and sends it as user@abc.com? The recipient server checks the SPF record for abc.com, finds that 5.6.7.8 is not an authorized IP, and rejects the email.
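As an added example (not code from the original post), the following Python script implements the check that the def.com mail server performs in steps 2 and 3, run against a constructed SPF record for abc.com. The record ABC_COM_SPF, the function names and the sample IP addresses are assumptions for illustration; a real receiver fetches the record with a DNS TXT query for the MAIL FROM domain instead of embedding it. The example goes beyond the single-IP case in the walkthrough: it handles ip4 and ip6 mechanisms with CIDR ranges and the four qualifiers (+, -, ~, ?), while mechanisms that need further DNS lookups (a, mx, include, exists, ptr) are reported as unsupported rather than silently ignored.

```python
import ipaddress

# Constructed example record, standing in for what abc.com would publish
# in DNS as a TXT record. Only 1.2.3.4 may send; "-all" hard-fails everyone else.
ABC_COM_SPF = "v=spf1 ip4:1.2.3.4 -all"

# Qualifier prefixes defined by RFC 7208 and the result each produces on a match.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Mechanisms this offline example cannot evaluate because they need DNS lookups.
DNS_MECHANISMS = {"a", "mx", "include", "exists", "ptr"}


def parse_spf(record):
    """Split an SPF record into (qualifier, mechanism, argument) terms.

    Raises ValueError when the text is not an SPF record. Modifiers such as
    redirect= and exp= are skipped here; a real evaluator must honour redirect=.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record: %r" % record)
    parsed = []
    for term in terms[1:]:
        qualifier = "+"  # RFC 7208: a mechanism without a qualifier means "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if "=" in term:
            continue  # modifier, not a mechanism
        name, _, argument = term.partition(":")
        parsed.append((qualifier, name.lower(), argument))
    return parsed


def check_host(client_ip, record):
    """Evaluate the connecting IP against the sender domain's SPF record.

    Mechanisms are tried left to right and the first match decides the
    result, which is why "-all" must come last. Returns pass, fail,
    softfail or neutral; returns permerror for a malformed or unknown
    mechanism, and raises NotImplementedError for mechanisms that need DNS.
    """
    ip = ipaddress.ip_address(client_ip)
    for qualifier, name, argument in parse_spf(record):
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6"):
            try:
                network = ipaddress.ip_network(argument, strict=False)
            except ValueError:
                return "permerror"  # e.g. "ip4:not-an-ip" or a bad prefix length
            matched = ip.version == network.version and ip in network
        elif name in DNS_MECHANISMS:
            # Resolving these requires DNS, which this example deliberately avoids.
            raise NotImplementedError("mechanism %s needs a DNS lookup" % name)
        else:
            return "permerror"  # unknown mechanism name
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"  # nothing matched and no redirect= modifier


def demo():
    """Run the two senders from the walkthrough against abc.com's record."""
    return {ip: check_host(ip, ABC_COM_SPF) for ip in ("1.2.3.4", "5.6.7.8")}


if __name__ == "__main__":
    for client_ip, result in demo().items():
        print("%s -> %s" % (client_ip, result))
```

A pass result only means the connecting IP is authorized for the envelope sender (MAIL FROM) domain. SPF says nothing about the From: header the user sees, so a message with a spoofed header From and an attacker-controlled MAIL FROM domain still passes SPF; aligning the two identities is what DMARC adds on top.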
Below is a diagram of how SPF works:
How to implement SPF
The domain owner publishes an SPF record as a TXT record for the domain in the Domain Name System (DNS); receiving servers find it by querying the TXT records of the sender's domain.
What Sender Policy Framework record means
How to verify or validate Sender Policy Framework
You can verify and validate a domain's SPF record using the tools below:
1) mxtoolbox.com’s website
2) Kitterman’s website
3) Openspf’s website
Further Reading
There are other mechanisms as well, but hopefully this post is enough to teach you the basics of SPF. The SPF project website is a great resource, and its section on record syntax goes into much more detail about the different parts of an SPF record.
References
1) SPF Project
2) Explaining SPF