How does SPF work?
SPF is easy to understand. The “Internet” uses DNS (Domain Name System) to resolve Domain Names (as an example www.msexchange.org) into IP addresses. DNS is also used to direct requests for different services like e-mail and Web Servers. For every Domain around the world, an MX (Mail Exchanger) record must exist. An MX record tells the e-mail sender where the target server for receiving mail is located.
SPF is publishing “reverse MX” records in DNS, which shows the mail sender which machines send mail from the domain.
The recipient of the e-mail can now check these records to ensure that e-mail is coming from a „trusted“ sender from this domain.
These “reverse MX” records can be quickly published in DNS. It takes only one line in DNS to fulfill all requirements.
SPF operates at the level of the SMTP transaction, and requires at most three pieces of information:
- The MAIL FROM: parameter of the incoming mail
- The HELO or EHLO parameter of the sending SMTP server (used for Mailer-Deamon bounces which send a blank MAIL FROM)
- The IP address of the sending SMTP server
Benefits of SPF
- SMTP without SPF allows any computer to send an email claiming to be from anyone, so it is easy for spammers to send email from forged addresses.
- It makes tough to trace back from which system Spam comes. On the other hand, it is very easy for Spammers to fake their sender address so that the receiver trusts these e-mails.SPF allows an Administrator of an Internet Domain to specify which machines are authorized to transmit e-mail from that domain.