The value of an SPF record check
Sender Policy Framework, or SPF, is an email authentication technique that helps protect email senders and recipients from spam, phishing and spoofing. SPF enables receiving mail servers to authenticate whether an email message was sent from an authorized mail server – but only when the domain owner's SPF record is valid.
Mimecast DMARC Analyzer provides a free SPF record check that can validate an SPF record by simply entering a domain name. Within seconds, you can receive a report that displays your DNS record and parses your SPF record, identifying any problems with it. Mimecast's SPF record check can also validate any updates you applied to your record. It is strongly recommended to carefully test updates with an SPF record check before applying them to a DNS record.
Perform a free SPF record check now.
Heighten SPF effectiveness with DMARC
The SPF email protocol helps to block email where spammers and scammers send messages that appears to come from a trusted domain. SPF enables the owner of a domain to publish a list of mail servers that are authorized to send mail on its behalf. The list appears in an SPF record in the domain's DNS. When receiving an email, ISPs and mail servers can perform an SPF check to see if the message has been sent from an authorized source. If a message fails the SPF test, it may be blocked or delivered in the spam folder.
While the SPF protocol is helpful for stopping certain types of email attacks, it is not a comprehensive solution for email security. SPF offers no protection for email that is forwarded, and it can't spot emails where attackers are spoofing only the "from" address – the address that users see in the email header. Additionally, many organizations fail to continuously update their SPF record, making the protocol less effective.
It's no wonder, then, that many organizations are turning to DMARC (Domain-based Message Authentication, Reporting & Conformance) to improve email security. DMARC builds on SPF as well as the DKIM authentication protocol to tighten security and spot illegitimate email more successfully.
Despite its advantages, DMARC can be a challenge to deploy and administer successfully. To simplify implementation and management of this powerful protocol, Mimecast offers a 100% SaaS solution that minimizes the cost and complexity of DMARC deployment.
Mimecast DMARC Analyzer
Mimecast DMARC Analyzer is a cloud-based solution that makes it easy for organizations to manage the complex process of deploying DMARC. Offering user-friendly DMARC analyzing software, this Mimecast offering acts as an expert guide to help you move toward an enforced DMARC policy as quickly as possible. DMARC Analyzer provides 360° visibility and insight across all email channels to ensure that legitimate email does not get blocked as organizations enforce a DMARC reject policy.
Features of DMARC Analyzer include:
- Self-service email intelligence tools for simplified DMARC deployment.
- Alerts, reports and charts for monitoring ongoing performance and achieving DMARC enforcement.
- Unlimited users, domains and domain groups for complete coverage of email authentication.
- DMARC/SPF/DKIM record checkers.
- Two-factor authentication for heightened security.
- Forensic reports that help administrators identify and track down sources sending malicious email.
- Fast and easy DNS updates with a DMARC record setup wizard.
- Tools to monitor DNS changes over time and proactive email alerts when records change.
- Summary daily and weekly reports that help administrators track progress.
- Optional managed services that help to de-risk and deliver DMARC enforcement more quickly.
Additional Mimecast solutions for email security
Mimecast offers an all-in-one solution for email security with a suite of services for defending against a wide range of email-borne threats.
- Mimecast Secure Email Gateway stops threats like spear-phishing, zero-day attacks, malware and spam at the gateway. This service relies on a combination of innovative applications and policies along with multiple detection engines and intelligence feeds.
- Mimecast Internal Email Protect helps to identify and stop threats which originate from an email system or that have landed internally and are spreading from user to user. Mimecast scans all email generated internally for malicious links, attachments and sensitive content to prevent the spread of attacks or data leaks.
- Mimecast Attachment Protect neutralizes threats that are embedded within email attachments by using multiple antivirus engines, safe file conversion, behavioral sandboxing and static file analysis.
- Mimecast URL Protect blocks users from accessing suspicious or malicious links in email by performing real-time scanning on every click and rewriting URLs in all inbound emails.
FAQs: What is an SPF record check?
What is SPF?
Sender Policy Framework, or SPF, is a technique for authenticating email that enables the owner of a domain to specify which mail servers or IP addresses are used to send mail. Receiving mail servers can determine whether an inbound email is legitimate or not by comparing the "envelope from" address in the email header to the list of IP addresses published by the domain.
What is an SPF record?
An SPF record is a list of authorized mail servers that is published in the Domain Name Service (DNS). When receiving an email, a mail server can check the IP addresses in the SPF record. If the IP address in the email header isn't listed in the SPF record, the email may be considered illegitimate and may be rejected.
What is an SPF record check?
An SPF record check is a diagnostic tool that looks up the SPF record for a domain, displays the record and runs tests to uncover any errors within the record that could adversely impact email delivery. Mimecast offers a free SPF record check as well as a free DMARC record check and a free DKIM signature check service.