Stop Email Fraud with SPF, DKIM, and DMARC (PART I)

What is SPF

The Sender Policy Framework (SPF) is a method of fighting spam by preventing fraudsters using legitimate email addresses to send spam or other fraudulent emails. An SPF record is essentially a TXT record that allows you to specify which servers can send emails on your behalf and helps prevent these emails from getting caught in recipients’ spam folders.

SPF looks at the Return-Path value to validate the originating server and not the From domain. So an email can pass SPF regardless of whether the From address is fake!  At this point you might be wondering ,why bother setting this up? Well SPF is not  perfect but having this along with DKIM and DMARC (discussed later on) can improve your delivery rates and prevent abuse

Setting up SPF

You can either create the txt record manually or use a wizard (i.e. http://www.spfwizard.net) which would provide you with the basic configuration required. Please have in mind some of the common mistakes made when creating such record

Once you complete your SPF record you should just add it as a DNS TXT record to your hosting provider . Examples of few of them below:

Please leave a comment below if you have issues creating an SPF record, you are unsure of how to deploy through DNS or you have any other questions. Next we will look at DKIM and why it is important to have this authentication method enabled

Leave a Reply