Cyber Security Academy · Lesson

SPF Records

Authorizing sending mail servers.

What SPF Solves

SPF (Sender Policy Framework) lets a domain owner publish a list of mail servers authorized to send email on the domain's behalf. Receiving servers check this list to detect forged senders.

SPF answers one question: Is the server that delivered this message allowed to send mail for this domain? If not, the message is suspicious.

Published as a DNS TXT Record

An SPF policy is published as a TXT record in your domain's DNS. There must be exactly one SPF record per domain.

A basic example:

; DNS TXT record for company.com
company.com.  IN  TXT  "v=spf1 ip4:198.51.100.4 include:_spf.google.com -all"

All lessons in this course

How Email Spoofing Works
SPF Records
DKIM Signing
DMARC Policy and Reporting

← Back to Cyber Security Academy