Sender Policy Framework (SPF) – Notes on my learnings
I met one of my close friends two days back and during our revelry session he asked me a question. Being not from IT field (not exactly but far from IT from long time) he asked me to look into his problem which was related to IT. He has a website for his business and when he sends emails to his clients or prospects, emails go into spam or junk folders. Obviously he was not using any inappropriate words in his emails for spam filters but still he was facing the problem. This was really important for his business so we started working on it.
One other friend already had some idea of this problem and guided us to the solution. I learnt a new thing by solving this problem. It is SPF (Sender Policy Framework) .You can read it in detail at Wikipedia (http://en.wikipedia.org/wiki/Sender_Policy_Framework). What i understood is that this is one the ways to validate source address spoofing in emails e.g. If you are sending an email from xyz@domain1.com then the origination of your email i.e. the mail server should be authorized by the DNS server i.e. domain1.com.
SMTP does not include this detail in protocol so SPF provides the way to validate emails. SMTP protocol allows any origination point to send an e-mail claiming to be from anyone so it is easy for spammers to send e-mail from forged addresses. SPF provides the way to specify which machines are authorized to transmit e-mail for that domain.
So this was some details about the SPF and of course you can read it detail. For more serious readers, go through the rfc . Now come back to the point i.e. How we solved the problem? And did my friend was doing the same thing ? Yes.
Generally when we take a hosting account and domain address, we also take mail server as a part of the package. But if you register domain and hosting from one provider and mail server from different provider, you will face the same situation as my friend was facing as he did the same thing.
Solution: You need to ask your domain registration service to modify the domain server entry and add a SPF record in that. If you are using Google mail server as your mail server you should go through this link (http://www.google.com/support/a/bin/answer.py?hl=en&answer=33786).
Here are some tools for SPF:
1. SPF record Testing tools: If you own a domain, you can check spf record published by your domain service.
2. SPF setup wizard: Try using this wizard for generating SPF record for your domain.
Most Commented Posts
If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Comments
No comments yet.
Leave a comment