MailEnable Professional Guide
SMTP - Sender Policy Framework (SPF)

SPF is an acronym for Sender Policy Framework. It describes a method of verifying whether a sender is valid when accepting mail from a remote mail server or email client. An SPF check involves verifying the email address the sender is using to send from, and the IP address they connect to the SMTP service with. SPF uses the sender’s domain to retrieve a TXT DNS record (basically a small text snippet) that describes which IP addresses the domain sends on. The retrieved record is then compared against the connecting IP address and if it matches then the sender is determined to be valid; otherwise it indicates that the sender is impersonating the sending domain.

In basic terms, Sender Policy Framework (SPF) is a method of detecting when an email sender is forging their sender address. It does this by confirming with the senders alleged domain (via DNS lookups) as to whether the connecting IP address, or other details, are valid. For example, if a spammer was sending emails as greatdeals@aol.com, a lookup is done for SPF details against the AOL.com domain. Information returned from this lookup could determine that since the IP address of the spammer is not an AOL IP address then it is likely to be spam. Email can then be marked as likely spam, or not accepted. An SPF record can also be more complicated than just a list of IP addresses, in order to give more flexibility. For details on SPF, see the following website: http://www.openspf.org

Setting

Description

Enable SPF

Enables SPF detection.

Reject failures

If an incoming connection returns a SPF fail, then the email message will not be accepted by the SMTP service.

Add Received-SPF header for unauthenticated senders

Adds the Received-SPF header to all unauthenticated emails arriving via SMTP.

Pass local IP addresses (no checking will be done)

If an IP address is determined to be local, then an SPF check is not done.

Enable local white list policy

Use your own SPF white list policy. The local policy is checked when the all mechanism exists for the domain being checked and is not indicating a pass. The local policy only has an effect if it is passing the domain, so you would create an SPF that indicates requirements for domains you wish to pass. The white list policy can be a complete SPF record, but must exclude the SPF version string (i.e. Must not have “v=spf1”).

Apply best guess policy for domains without SPF records

For connections that do not have an SPF record further checks can be added in their place.  A subsequent check could be done on an MX record or even an A record for the domain lookup.

With MailEnable, the results of a SPF test are added as a header item to the email. The header is Received-SPF. SPF tests return one of seven results, which are outlined below. The added header includes the result and a brief description. If there are filters running to check the header, the first string after the header is the result. E.g. Received-SPF: none, Received-SPF: fail.  For information on configuring filters for handling SPF results, please see the Standard filter criteria section.

Result

Description

Pass

The email comes from a valid source.

Softfail

The email may not be from a valid source.

Fail

The email does not come from a valid source.

Neutral

The data is inconclusive in determining whether the email is coming from a valid source.

None

The domain has no SPF record.

Error

There is an error processing the SPF.

Unknown

There is an error processing the SPF.

 

 

 


© MailEnable Pty. Ltd. All Rights Reserved.