Difference between revisions of "SPF"

From ASRG
Jump to navigationJump to search
(Created page with "{{ast |date=2003 |difficult=Easy |popular=Medium |effective=Medium |harm=High |where=MTA }} SPF (originally Sender Permitted From, now Sender Policy Framework) is a path manageme…")
 
Line 7: Line 7:
 
|where=MTA
 
|where=MTA
 
}}
 
}}
 +
 
SPF (originally Sender Permitted From, now Sender Policy Framework) is a path management technique that assigns a set of permitted IP addresses to the domain in a message's bounce (MAIL FROM) address.  The SPF record is a TXT record published in the DNS under the name of the domain, in a complex format. If the IP address from which a message is sent matches the domain's record, SPF succeeds. If not, there are various levels of hard and soft failure.
 
SPF (originally Sender Permitted From, now Sender Policy Framework) is a path management technique that assigns a set of permitted IP addresses to the domain in a message's bounce (MAIL FROM) address.  The SPF record is a TXT record published in the DNS under the name of the domain, in a complex format. If the IP address from which a message is sent matches the domain's record, SPF succeeds. If not, there are various levels of hard and soft failure.
  
Line 12: Line 13:
 
In practice, it works well for bulk mailers that send from a small set of servers, somewhat well for organizations where most users use the organization's own mail system, and not at all for courtesy forwarders, and "permanent" mail addresses at universities and professional societies.
 
In practice, it works well for bulk mailers that send from a small set of servers, somewhat well for organizations where most users use the organization's own mail system, and not at all for courtesy forwarders, and "permanent" mail addresses at universities and professional societies.
  
A Sender Rewriting Scheme (SRS) has been proposed for mail forwarders to use to make forwarded mail more compatible with SPF, but it has seen little use.
+
[[SRS]] is intended to make forwarded mail more compatible with SPF.
  
 
= References =
 
= References =
 
* [http://www.openspf.org/ SPF Project Overview]
 
* [http://www.openspf.org/ SPF Project Overview]
* [http://en.wikipedia.org/wiki/Sender_Rewriting_Scheme Sender Rewriting Scheme (SRS)]
 

Revision as of 00:20, 15 December 2010

Anti-spam technique: SPF
Date of first use: 2003
Effectiveness: Medium
Popularity: Medium
Difficulty of implementation: Easy
Where implemented: MTA
Harm: High


SPF (originally Sender Permitted From, now Sender Policy Framework) is a path management technique that assigns a set of permitted IP addresses to the domain in a message's bounce (MAIL FROM) address. The SPF record is a TXT record published in the DNS under the name of the domain, in a complex format. If the IP address from which a message is sent matches the domain's record, SPF succeeds. If not, there are various levels of hard and soft failure.

Like all path validation schemes, SPF does not deal well with mail that does not all come from a fixed source. In practice, it works well for bulk mailers that send from a small set of servers, somewhat well for organizations where most users use the organization's own mail system, and not at all for courtesy forwarders, and "permanent" mail addresses at universities and professional societies.

SRS is intended to make forwarded mail more compatible with SPF.

References