Problem
What is a "SPF" record?
Solution
A Sender Policy Framework record, or SPF Record, is used to control forged email. It does this by asking the sending domain if it matches the IP address of the person sending the email.
Below is an example to give you an idea of how SPF works.
Craig owns the domain example.com. He also sometimes sends mail through his GMail account and contacted GMail's support to identify the correct SPF record for GMail. He also uses outMail for sending outbound emails.
Since he often receives bounces about messages he didn't send, he decides to publish an SPF record in order to reduce the abuse of his domain.
He adds the following record to his DNS domain zone file
example.com. TXT "v=spf1 a:mymailserver.example.com include:aspmx.googlemail.com include:spf.smtp-engine.com -all"
The breakdown of that record is as follows
v=spf1 | SPF version 1 |
mx | the incoming mail servers (MXes) of the domain are authorised to also send mail for example.com |
a:mymailserver.example.com | the machine mymailserver.example.com is authorised |
include:aspmx.googlemail.com | everything considered legitimate by googlemail.com is legitimate for example.com |
include:spf.smtp-engine.com | SPF record for outMail to include all the outMail outbound SMTP Clusters |
-all | all other machines are not authorized |