Sender Policy Framework (SPF) is an email authentication method designed to detect forging sender addresses during the delivery of the email. SPF alone, though, is limited only to detect a forged sender claimed in the envelope of the email which is used when the mail gets bounced. Only in combination with DMARC can it be used to detect the forging of the visible sender in emails (email spoofing), a technique often used in phishing and email spam.
Specifically, SPF defines a way to validate an email message was sent from an authorized mail server in order to detect forgery and to prevent spam. It was designed to supplement SMTP, the basic protocol used to send email, because SMTP does not itself include any authentication mechanisms.
How Does SPF Work?
SPF establishes a method for receiving mail servers to verify that incoming email from a domain was sent from a host authorized by that domain’s administrators. It piggybacks on the well-established Domain Name System (DNS). In general terms, the process works like this:
- A domain administrator publishes the policy defining mail servers that are authorized to send email from that domain. This policy is called an SPF record, and it is listed as part of the domain’s overall DNS records.
- When an inbound mail server receives an incoming email, it looks up the rules for the bounce (Return-Path) domain in DNS. The inbound server then compares the IP address of the mail sender with the authorized IP addresses defined in the SPF record.
- The receiving mail server then uses the rules specified in the sending domain’s SPF record to decide whether to accept, reject, or otherwise flag the email message.
Why is SPF Important to ReliMail?
If you are a business sending commercial or transactional email, then email deliverability is very important to engage your customers and employees. ReliMail uses strict SPF policies on our Infrastructure to ensure your email is sent to the user it is intended to and gets delivered.
We implement and adhere to email authentication standards including SPF, all email from your account is already SPF-compliant.