SPF Check

The limitations of an SPF check

The Sender Policy Framework (SPF) is an email authentication technique that is used to prevent spammers and cyber criminals from sending messages on behalf of your domain name. SPF enables domain owners to publish an SPF record in the DNS that specifies which mail servers or IP addresses they use to send email. During SPF email authentication, a receiving mail server performs an SPF check to verify that the domain in the "envelope from" address in the email header matches a valid IP address in the SPF record. If the addresses don't match, the email fails the SPF test and the email can be rejected by the email receiver.

An SPF check has limitations, however. It doesn't work when messages are forwarded, and it does nothing to protect against attacks spoofing only the "header from" address (the address that's visible to users). Keeping SPF records updated as organizations change service providers and add mail streams can be difficult.

The email validation system DMARC (Domain-based Message Authentication, Reporting & Conformance) builds on the SPF check protocol (as well as the DKIM signature protocol) to provide a more powerful defense against email spoofing. DMARC augments the SPF check process by letting receiving mail servers know whether a domain is protected by SPF and/or DKIM and provides instructions on how to treat messages that don't pass either of these authentication protocols.

While DMARC can help protect against email spoofing more effectively, it can be difficult and time-consuming to deploy without the right tools. For organizations that want to bolster their email security with DMARC authentication, Mimecast provides a simple and effective solution that reduces the time, effort and costs to deploy DMARC.

Key features of DMARC Analyzer

DMARC Analyzer acts as an expert guide to move towards a reject policy as fast as possible. Features of DMARC Analyzer include:

• Unlimited users, domains and domain groups to provide complete coverage of email security.
• Automated alerts and reporting through email.
• DMARC/SPF/DKIM record checkers.
• User-friendly charts and statistics for monitoring performance.
• Two-factor authentication to enhance security.
• Forensic reports that help email administrators identify and stop the sources of malicious email.
• A DMARC record setup wizard that facilitates fast and easy DNS updates.
• Summary reports provided daily and weekly to track progress.
• Tools to check DNS changes over time and proactive email alerts when DNS records are altered.
• Managed services (optional) that help to minimize risk and that offer the shortest path to DMARC enforcement.

FAQs: What is an SPF check?

What is SPF?

SPF, or Sender Policy Framework, is an email authentication protocol that lets the owner of a domain provide information in a DNS record about which IP addresses the domain uses to send email.

What is an SPF check?

When an email message is sent, the receiving mail server can perform an SPF check to verify that the IP in the "envelope from" address in the message's header matches the IP addresses listed in the domain's SPF record in the DNS. If the SPF check is successful, the message is sent onto the recipient. If the SPF check fails, that information can help the receiving mail server to determine whether the message should be delivered in the inbox, sent to the spam folder or needs to be blocked.

What is an SPF record check?

An SPF record check is a diagnostic tool that can look up and validate an SPF record. An SPF record check can highlight any errors within the record that might affect successful delivery of email messages. Mimecast offers a free SPF record check along with free checks of DKIM records and DMARC records.