Prolateral Consulting Ltd
Prolateral Consulting Ltd

News

If you haven't got an invitation...

bouncer_edit557.jpg"...you're not getting in", goes the clichéd doorman's response.

proFilter does an excellent job of working out if the email trying to get into the party in your Inbox is a desirable or not; but wouldn't if be good if your real guests all had gilt-edged, quality invitations? Can you increase the reputation of your real email?

Stretching the analogy further; if potential guests turned up with an invitation which was written in crayon on on brown paper - the bouncer would be able to turn them away without a hesitation (unless your 3-year-old had sent out the invites).

To bring this back into the world of email; if you could check to see if the email purporting to be from fred @ acme.com had actually come from a machine owned by acme.com, you could decide to accept or refuse the email on that basis.  If only there was a way for Acme Ltd to tell you which machines were authorised to send email on their behalf...

spf-logo-small.pngWell: there is. It's called the Sender Protection Framework (SPF) and although it doesn't directly protect your inbox from Spam (that's proFilter's job) it prevents (or discourages) your domain being used as the apparent sender of Spam. So you're protecting the good reputation of your domain, and helping to cut down Spam to others by telling them which machines are allowed to send your email.

So how does it work?

In essence, all it involves is telling the Internet as a whole which servers are allowed to send email on your behalf - and it uses the DNS system to do so. You, or your IT partner, will have control over the records which tell the Internet where to find your webserver or send your email; setting up SPF is simply a matter of adding a new piece of information to that list - which servers are allowed to send your email.

Is that it?

Yes. More and more mail systems use SPF (when available) to aid decisions on the provenance of email. proFilter is no exception. As soon as you've added the extra SPF information to your DNS, anyone you send email to can use that extra information to ensure that email addressed from you, must have come from you. There's nothing to configure on your outbound email server, and if you want to you should switch on SPF checking on your inbound server.

It is important that your SPF records are setup properly. If they are wrong, then it's the equivalent of sending out those invitations in crayon: the doorman won't even let your best friends into your party, or your email into your inbox.

What happens if I don't use it?

If you don't have SPF records for your domain, then a receiving email server will just work as before. It will accept email from whoever. However if you do have SPF records, and the email is only masquerading as coming from your domain but hasn't come from your SPF-listed servers, it will be penalised heavily, and should be rejected tout-de-suite. This is why it's important that if the SPF records exist that they are correct.

Given that you don't need to make any server changes, install any software, or update any internal systems; it's an easy, quick method of protecting your reputation and helping to squeeze spam out of the Internet.

Ok. Where can I find out more?

Take a look at the OpenSPF website for full details - www.open-spf.org - or talk to us!