Sender Policy Framework (SPF) In A Nutshell

Prab Updated

In this article, I shall explain how Sender Policy Framework (SPF) works, its benefit, and a real-life example.

Idea: With SPF, we can check whether a received E-Mail comes from a legitimate IP address and defend against E-Mail spoofing. SPF can be implemented to enhance E-Mail security in general.

Procedure:

1. The sender of the E-Mail advertises the IP addresses of the servers that are allowed to send E-Mails for his/her domain. The IP addresses are published in the form of SPF records. An SPF record is generally a DNS text record with a particular format.
2. Upon receiving an E-Mail, the receiver performs a DNS lookup to check whether an SPF record for the sending domain exists.
3. If the SPF record exists, the receiving mail gateway further checks whether the IP address that is sending this E-Mail is listed as a permitted sender in the SPF record.
4. If the sending mail gateway's IP address is listed as a permitted sender, the E-Mail is accepted; otherwise it is (normally) rejected.
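The four steps above, as an added Python example (not code from the original article): the DNS lookup is replaced by a constructed table of TXT records using documentation address ranges, and only the `ip4`, `ip6` and `all` mechanisms are evaluated. The result names (pass, fail, softfail, neutral, none, permerror) follow RFC 7208.

```python
import ipaddress

# Constructed stand-in for DNS (assumption): domain -> list of TXT records.
TXT_RECORDS = {
    "example.com": ["site-check=abc", "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"],
    "example.net": ["v=spf1 ip4:198.51.100.25 ~all"],
    "example.org": ["unrelated text record"],
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def find_spf_record(domain, txt_records=TXT_RECORDS):
    """Step 2: fetch the sending domain's TXT records and pick the SPF one."""
    for txt in txt_records.get(domain, []):
        if txt.lower() == "v=spf1" or txt.lower().startswith("v=spf1 "):
            return txt
    return None


def check_spf(sender_ip, domain, txt_records=TXT_RECORDS):
    """Steps 3-4: evaluate terms left to right; the first match decides."""
    record = find_spf_record(domain, txt_records)
    if record is None:
        return "none"  # the domain publishes no SPF record
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:
        qualifier = "+"  # a mechanism without a qualifier means "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name == "all":  # matches every sender, so it ends the record
            return QUALIFIERS[qualifier]
        if name not in ("ip4", "ip6"):
            # include, a, mx, redirect etc. need more DNS lookups
            raise NotImplementedError(f"term not handled in this example: {term}")
        try:
            network = ipaddress.ip_network(value, strict=False)
        except ValueError:
            return "permerror"  # malformed address in the record
        if network.version != (4 if name == "ip4" else 6):
            return "permerror"  # e.g. an IPv6 range under ip4:
        if ip.version == network.version and ip in network:
            return QUALIFIERS[qualifier]
    return "neutral"  # nothing matched and the record has no "all"
```

What the receiving gateway does with a `fail` or `softfail` result (reject, quarantine, tag) is its own policy decision.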

Real Life Example: I am very pleased to announce that the Trybe Team is using the SPF feature! In the following image, you can see that an E-Mail received by my Gmail account from the Trybe team has passed the SPF check. :) In plain words, it means that Gmail's mail gateway performed an SPF check on this E-Mail and confirmed that the IP address is a permitted sender listed in the SPF records of the Trybe team.


E-mail from Trybe Team passed the SPF check


SPF is a very simple and easy-to-implement technique. Most DNS resolvers are compatible with and support SPF records. The drawback of SPF is that it does not ensure E-Mail integrity.

I hope you find this helpful! Please feel free to provide your suggestions or opinions. Thanks :)
