SPF Records Explained
The open standard Sender Policy Framework (SPF) http://www.open-spf.org/ is aimed at preventing sender address forgery. The following describes how SPF is configured for use with SendSquared.
SPF attempts to prevent email sending abuse by ensuring that the IP address from which a message was sent is authorized to send mail on behalf of the domain in the email’s Envelope From or Return-Path.
SPF is implemented by adding a TXT record to a domain’s DNS records. The TXT record specifies which IP addresses are allowed to send email for the domain.
SendSquared’s SPF record
SendSquared uses the following record:
When setting up your SPF record, be sure to include our record for sending. For more information on how to set your SPF Record, please see our document explaining how to set your SPF record with your current hosting provider.
SPF mail flow
To understand SPF, it may help to understand how email traffic is handled when SPF is added to the process. Imagine an email server receives a message and checks the message’s return-path. The return-path is firstname.lastname@example.org. To perform an SPF check, the following steps take place:
- The receiving email server retrieves the SPF record from the DNS records for the example.com domain.
- The receiving server then checks the SPF record for all the IP addresses that are approved to send email on behalf of the domain.
- If the SPF check passes, the receiving server can be confident the message was sent from an approved sending server and will continue processing the message.
- If the SPF check fails, the message is likely illegitimate and will be processed using the receiving server’s failure process.
SPF and sender authentication
SendSquared’s automated security
When you complete Domain Authentication, automated security is enabled by default. Automated security handles DKIM records for you. SendSquared provides CNAME records that you need to add to your DNS records.
Leave a Reply