Scribd
Upload
22 views

SPF Faq

The document discusses Sender Policy Framework (SPF) records, which are used to authenticate email senders by verifying the IP addresses used match those published in the domain's DNS. It explains what a SPF record and return-path envelope domain are, how SPF policy is enforced, how to create or validate a SPF record, and when SPF records should be updated.

Uploaded by

sherry
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
22 views

SPF Faq

The document discusses Sender Policy Framework (SPF) records, which are used to authenticate email senders by verifying the IP addresses used match those published in the domain's DNS. It explains what a SPF record and return-path envelope domain are, how SPF policy is enforced, how to create or validate a SPF record, and when SPF records should be updated.

Uploaded by

sherry
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Email Reputation Management (SPF Basics)

What is an SPF record?


Sender Policy Framework (SPF) is an email validation system designed to prevent email spam and is used
to authenticate sending sources over a domain. It does this by detecting spoofing through verifying the
sender's IP addresses used in the delivery against an authorized list of IP addresses published on a
single TXT record located at the sender domain’s DNS.

What is the return-path envelope domain (MAIL FROM)?


The MAIL FROM is the domain used to authenticate and pass SPF. This is a domain hidden in the email
header that designates where and how bounced emails will be processed. It’s part of the header that is
sometimes called the bounce address or return path envelope. This domain is where you want to make
sure the SPF record is updated.

How is SPF policy enforced?


SPF validates the origin of email messages by comparing the IP address used to deliver them against the
IP addresses published in the sender’s DNS. If the sending IP address is not found in their public DNS
then SPF will not pass. An SPF record traces the backward flow of the message to legitimize the sender.

How do I create or add an SPF record?


There is typically a lot of material available at the email sending engines for this. We ask that you
carefully review the technical setup requirements at Google, Microsoft or whomever is supplying the IP
address for message delivery will have additional information about their SPF requirement. Currently, the
Engage app does not supply users with the email engine and IP addresses for delivery.

How can I view or validate my SPF record?


It’s entirely possible that you already have an SPF record published correctly and that no changes need
to be made. There are sites where you can go and query your domain’s SPF policy. We recommend using
Kitterman in order to test the SPF policy for a domain before publishing it to DNS.

Once you’ve confirmed the SPF record is published then send yourself a test message and then view the
original raw message headers and keyword search for SPF to see if it passed (SPF=Pass).

When should I make updates to my domain’s SPF record?


The SPF record on the MAIL FROM should only be updated when a sending source for a domain is added
or removed. So for example if a vendor is contracted to send emails on your behalf, then you want to
include their SPF domain or IP address as part of your SPF policy. Likewise, if a vendor sending emails
on your behalf has been cancelled then you want to remove their SPF domain or IP address from your
SPF policy.

engage.zoominfo.com

You might also like