Sender Policy Framework


SUMMARY

Sender Policy Framework (SPF) is a method of detecting when an email sender is forging their sender address. It does this by confirming with the senders alleged domain (via DNS lookups) as to whether the connecting IP address, or other various details, is valid.

DETAIL

For example, if a spammer was sending emails as greatdeals@aol.com, then a lookup is done for SPF details against the AOL.com domain. Information returned from this lookup could determine that since the IP address of the spammer is not an AOL IP address then it is likely to be spam. 

Setting and Description
Enable SPF - Enables the SPF detection.
Add Received SPF header  - Adds the Received SPF header to all unauthenticated emails arriving via SMTP.
Enable local policy  - Use your own SPF local policy.

With MailEnable, the results of a SPF test are added as a header item to the email. The header is Received-SPF. SPF tests return one of seven results, which are outlined below. The added header includes the result and a brief description. If any filters are running to check the header, the first string after the header is the result. i.e. Received-SPF: none, Received-SPF: fail.

Result and Description
Pass - The email comes from a valid source.
Softfail - The email may not be from a valid source.
Fail -The email does not come from a valid source.
Neutral - The data is inconclusive in determining whether the email is coming from a valid source.
None - The domain has no SPF record.
Error - There is an error processing the SPF.
Unknown - There is an error processing the SPF.

MORE INFORMATION

Spam FAQ: Article ME020391

REFERENCES

SPF is defined in RFC 7208 found at https://tools.ietf.org/html/rfc7208



Product:MailEnable (All Versions)
Article:ME020345
Module:General
Keywords:SPF sender policy framework spam dns lookups test antispam, anti-spam, spam,
Class:INF: Product Information
Revised:Friday, February 19, 2021
Author:
Publisher:MailEnable