SPF DNS Records

What Is An SPF Record?

SPF stands for "Sender Policy Framework". It was designed to prevent unauthorized email delivery.

SPF records are DNS records of type TXT that list the SMTP servers authorized to send email for the start of authority (SOA) zone, i.e. the domain which is used as the "from" address.

The Chain of Trust

For example, if one receives an email from sysadmin@example.com, how is one to know that the administrators of the example.com domain actually sent the email? That is a complex question, but its complexity is reduced if there is a mechanism to double-check whether the system administrators control the server that sent it.

The chain of trust goes like this:

  1. System administrators have control of their DNS records
  2. System administrators can specify a list of network addresses that are authorized to send emails
  3. If an email is sent from one of those addresses, theoretically it is authorized

Granted, all this depends on the system administrators knowing what they are doing and making sure their systems are secure, but without such a system, almost anyone can send email impersonating anyone they want!

SPF Syntax

$ dig TXT informedemail.com

; <<>> DiG 9.7.0-P1 <<>> TXT informedemail.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15818
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0

;; QUESTION SECTION:
;informedemail.com.     IN  TXT

;; ANSWER SECTION:
informedemail.com.  86400   IN  TXT "v=spf1 -all"