EmailUniverse.com   Email Newsletter Publishing Strategies  
Search In Ezine-Tips
 
   
   

Name:
Email Address:
   
  Ezine-Tips
  List-News
 
Christopher Knight

Sender Policy Framework (SPF) - Explained
By Christopher Knight



Print | Bookmark | Subscribe



SPF stands for Sender Policy Framework and it's an anti-forgery email solution that can also help improve your ability to send legitimate emails into hosts (fancy name for saying other people's email server) that have SPF implemented.

Warning: This article is not for newbie's. If you are a newbie, then here is what to do:

  1. Email or call your email provider or your IT folks and find out if your email list server is currently publishing SPF records.
  2. If so, thank them.
  3. If not, print out this article and ask them to implement it this week.

What SPF is all about:

Normal SMTP (Simple Mail Transfer Protocol - the underlying technology that allows email to work) without SPF allows any computer to send email claiming to be from anyone. We call this "Spoofing" or "Joe Jobs."

The lack of security in normal SMTP makes it easy for spammers to send email from forged email addresses. It also makes it a difficult task for email administrators to trace back to where the spam actually originated from.

SPF allows a domain to specify which machines are authorized to send email for that domain. For example, the owner of emailuniverse.com (me) can designate which systems are authorized to send email with addresses of @emailuniverse.com. This information is defined using special settings in DNS (Domain Name Service) records. Anyone that implements SPF would then ignore any email that claims to come from that domain but fails to come from locations that domain has authorized.

Think of it as caller ID for email and you are able to reject emails from people that are not authentic.

SPF will only keep spammers from forging the domain names given in the From: addresses of an email. By revealing the spammer's true domain it makes it much easier to automatically "blacklist" a domain that sends spam.

Implementing SPF is quite simple:(for your IT team to do)

  • Domains must identify the machines authorized to send email on their behalf.
  • Domains do this by adding an additional record to their existing DNS information.
  • Receivers must request and use SPF information.
  • Receivers request this information using ordinary DNS requests

The key issue in SPF is the specification for the new DNS information that domains set and receivers use. The exact specifications may change, but the records are in typical DNS syntax:

@ IN TXT "v=spf1 a mx a:127.0.0.1 a:my.resolved.ip.com ptr -all"

A quick legend for you to follow:

"v=" defines the version of SPF used, the following text provides the methods to use to determine if a domain is eligible to send mail.

The "-all" at the end specifies that, if the previous methods did not match, reject the message as a forgery.

The following methods are defined:

A - If the domain name has an A record corresponding to the sender's address, it will match.

MX - If the domain name has an MX record resolving to the sender's address, it will match.

PTR - If the sender reverse-resolves to a domain ending in the domain name, match.

IP4 - If the sender is in a given IPv4 range, match.

IP6 - If the sender is in a given IPv6 range, match.

EXISTS - If the given domain resolves, match. This is typically used along with the SPF macro language to perform more complex matches.

Useful Links:

This will assist in creating the record to add:
http://spf.pobox.com/dns.html

Information on what SPF does:
http://spf.pobox.com/whatdoes.html

Information on how SPF works:
http://spf.pobox.com/howworks.html

Executive Summary of SPF:
http://spf.pobox.com/execsumm.html

Sysadmins information:
http://spf.pobox.com/forsysadmins.html

Information for users:
http://spf.pobox.com/users.html

How Can SPF Records Improve Your Email Lists Legitimacy?
http://EmailUniverse.com/ezine-tips/?id=1063&cat=management

Conclusion: There is zero downside to implementing SPF records today and you can only benefit by improving your email deliverability into email hosts that also have SPF implemented. Make a friendly call to your email list hosting provider or your technical support team and make sure your email list server currently supports SPF records. Why? To improve your ability to deliver your emails into hosts that might reject your emails in the future if you don't publish SPF records.

This Ezine-Tip was submitted By Christopher Knight -- Email List Marketing Expert, author and entrepreneur. Get your weekly dose of Email newsletter publishing, marketing, promotion, management, email-etiquette, email usability and deliverability tips by joining the free Ezine-Tips newsletter: http://www.emailuniverse.com/subscribe/.

Ezine-Tips for November 15, 2004

Additional Ezine-Tips Articles from the Resources Category: