Sender Policy Framework

The limits of Sender Policy Framework

Sender Policy Framework (SPF) is an email authentication protocol that can be used to prevent spammers and attackers from sending messages that appear to come from a trusted domain. Using the SPF email protocol, an organization can publish a list of authorized mail servers in an SPF record that appears in its DNS record. Receiving mail servers can perform an SPF test on every inbound email, checking to see if the IP address from which the email is sent matches an IP address in the domain's Sender Policy Framework record.

While the Sender Policy Framework offers a certain amount of protection against spam and spoofing, it is not a complete email security solution. A forwarded email will evade an SPF test, and the SPF protocol can't spot email that spoofs only the "from" address – the email address that's visible to users. Additionally, for Sender Policy Framework to work, organizations must keep their SPF records constantly updated – a time-consuming and cumbersome task that gets harder as companies change ISP providers.

DMARC, or Domain-based Message Authentication, Reporting & Conformance, offers an improvement on the Sender Policy Framework protocol as well as the DKIM protocol. DMARC prevents spoofing more successfully by requiring that the information in the "from" address align with other information about the sender, and it requires that a message is authenticated with either SPF, DKIM or both. DMARC also improves reporting and provides detail on how messages that fail authentication should be handled.

In the past, implementing DMARC authentication has been a challenge. The protocol can be difficult to deploy and hard to manage, requiring a significant investment of time and resources. To solve this challenge, Mimecast offers Mimecast DMARC Analyzer, an easy-to-use solution for streamlining DMARC implementation and management.

An easier way to authenticate email

Key features of DMARC Analyzer include:

• Quick and simple setup wizard for DMARC records.
• The ability to monitor DNS changes and receive alerts when DNS records are altered.
• User-friendly aggregate reports and charts for easier analysis and faster DMARC policy enforcement.
• Forensic reports that make it easy to identify and track down the sources of malicious email.
• Coverage for unlimited users, domains and domain groups.
• Summary reports issued daily and weekly to track progress over time.
• Two-factor authentication to enhance security.
• DMARC, DKIM and Sender Policy Framework record checkers.
• Managed services (optional) offered by Mimecast experts with proven deployment and project management expertise to minimize risk and deliver DMARC enforcement more quickly.

FAQs: What is Sender Policy Framework?

What is Sender Policy Framework?

Sender Policy Framework (SPF) is an email authentication method that helps to identify the mail servers that are allowed to send email for a given domain. By using SPF, ISPs can identify email from spoofers, scammers and phishers as they try to send malicious email from a domain that belongs to a company or brand.

What is an SPF record?

An SPF record is a line of text that is stored in the DNS of a domain and specifies which IP addresses are approved for sending email for the domain. When a mail server receives an email, it can check to see if the IP address in the email's header matches the IP address in the SPF record. If the addresses do not match, the message will fail SPF authentication.

What is an SPF record check?

An SPF record check, or SPF validator, is a tool for determining whether an SPF record is valid. An SPF record checker looks up the record for a queried domain, displays any records found and tests the record to find any issues that could create problems for mail delivery.