SPF records

Sender Policy Framework is a record that is used to help prevent email spoofing. It allows you to specify all of the IP addresses that you would send mail from in one simple TXT record, and to tell the receiving server to only allow the outbound servers you listed.

The following is an example of a TXT record, with definitions for each portion of it.

SYNTAX FORMAT:

Format of TXT: “v=spf1 mx ip4:{any server you may also send from IP} include:spf.messaging.microsoft.com ~all

V=spf1 This is the version of SPF that is being used.
MX This indicates that you are sending also from everything listed on your MX record.
IP4 This is for any server IP address that you also allow for (not needed for FOPE servers if you included the FOPE SPF record and send only through FOPE).
Include This parameter includes additional records to allow sending for your domain.
all all has three switches that it can use:

  1. : Do not accept any mail from anyone other than listed above; hard-fail.
  2. ~: Do not accept any email that does not come from one of the above; allow but soft-fail the email.
  3. ?: Indicates that there are more servers that may be sending from our domain.

EXAMPLE:

A normal TXT for a client who sends only through FOPE might look like the following example:

“v=spf1 include:spf.messaging.microsoft.com ip4:192.168.254.254 -all”

reference: http://technet.microsoft.com/en-us/library/ff714972.aspx

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s