How can we help?

Cordial DNS Records: SPF

Overview

Sender Policy Framework (SPF) is a DNS text record that tells the receiving server who is authorized to send email on behalf of the “from” domain used in mailings.

What does the SPF record look like?

  • Basic:
e.example.com. txt v=spf1 ip4:129.73.42.0 -all
  • Advanced:
e.example.com txt v=spf1 ip4:129.73.42.0 ip4:129.73.42.1 include:_spf.google.com -all

How does SPF work?

1. The receiving server sees the incoming server IP address and the “from” domain.

2. Next, the receiving server looks up the SPF DNS record of the “from” domain.

3. The incoming IP address is checked against any IP addresses listed on the SPF record.

4. If the incoming IP address is within the SPF record, the message has passed SPF authentication.

Why do I need to use SPF?

SPF is one of multiple DNS records used to authenticate the sender. Others include DKIM and DMARC records. Authenticating the message increases the likelihood that the message gets delivered to the inbox.

Failing SPF normally leads to bulking, bouncing, or phishing warnings, depending on the settings of the receiving servers.

Is this a record that needs frequent updating?

If there are no changes to your platform, updates are minimal or not needed at all. If you start using additional IP addresses or using a vendor that may send mail on your behalf, those additional IP addresses will need to be added to the existing SPF record.

Additional Resources

Open SPF
RFC 4408
RFC 7208

Comments

0 comments

Please sign in to leave a comment.