The Sender Policy Framework (SPF) is a community-based effort, which requires senders to publish their mail server in an SPF record. Whenever an email is received, a check is made to see if the server which sent it is allowed to send emails on behalf of the sender s domain. The purpose of this filter is to detect forged senders.
For example: you receive a message from 'firstname.lastname@example.org' from machine with IP '18.104.22.168'. SPF works by asking 'somedomain.com' if '22.214.171.124' is allowed to send email on its behalf.
For SPF to work, the sender's domain ('somedomain.com' in this example) must publish, via DNS TXT records, the hosts which are allowed to send email on its behalf. Thus SPF requires both sender and recipient collaboration. If this information is not published then SPF will return 'unknown', or 'none'.
To create an SPF record:
- Complete Microsoft's Sender ID Framework SPF Record Wizard. (Update: Microsoft’s tool has been down for a few months, so you can use the SPF Wizard instead if you need to.)
- During Step 3, under Outsourced Domains include smtproutes.com and smtpout.com
- Publish the SPF record from Step 4 on the authoritative DNS server for your domain
- If your DNS records are managed by your ISP, you would need to provide the text from the SPF Setup Wizard to your ISP and ask them to add it to the TXT record of your domain.
- If the domain is hosted on a local DNS server, you will need to manually add the TXT SPF record to your DNS Server.
- Example SPF record, where "ip4:126.96.36.199 " is the IP address of your mail server:
- v=spf1 ip4:188.8.131.52 include:smtproutes.com include:smtpout.com ~all