Sender Policy Framework (SPF)

Sender Policy Framework (SPF) is an anti-spam approach in which the Internet domain of an e-mail sender can be authenticated for that sender, thereby discouraging spam mailers, who routinely disguise the origin of their e-mail, a practice known as e-mail spoofing. SPF and other anti-spoofing initiatives, such as Domain Keys, work by making it easier for a mail server to determine when a message came from a domain other than the one claimed.

Here's how it works:

The SPF specification defines a policy framework, an authentication scheme, and a machine-readable language. Each participating domain declares attributes that uniquely describe their mail, including authorized senders. This description is represented in an SPF record, which is published in DNS (domain name system) records. An SPF client program performs a query searching for the correct SPF record, in order to determine whether a message comes from an authorized source. There are seven possible query results, including pass, which means that the message meets the domain's definition for legitimate messages; fail, which means that a message does not meet that requirement; and further stipulations for mail that doesn't fit either category, such as messages from domains that do not publish SPF data.

SPF and other authentication-based measures are designed to redress a vulnerability in Simple Mail Transfer Protocol (SMTP), the main protocol used in sending e-mail, which does not include an authentication mechanism.

This was last updated in May 2007

Continue Reading About Sender Policy Framework (SPF)

Dig Deeper on Threats and vulnerabilities