mirror of
https://github.com/internetstandards/toolbox-wiki.git
synced 2024-11-24 12:01:35 +01:00
Updated SPF how to (markdown)
This commit is contained in:
parent
336ec557c3
commit
efd10c33be
@ -8,7 +8,7 @@ SPF is short for "**S**ender **P**olicy **F**ramework" and is described in [RFC
|
|||||||
Our current e-mail infrastructure was originally designed for any mail sending host to use any DNS domain name it wants. The authenticity of the sending mail server cannot be deterimined, which makes it easy for random third parties to make use of a domain name with possibly a malicious intent. This increases the risk of processing e-mail since the intentions of the sender (host) are uncertain. SPF can help the fight against spam and other kinds of unwanted e-mail be offering a way of authenticating the sending mail server.
|
Our current e-mail infrastructure was originally designed for any mail sending host to use any DNS domain name it wants. The authenticity of the sending mail server cannot be deterimined, which makes it easy for random third parties to make use of a domain name with possibly a malicious intent. This increases the risk of processing e-mail since the intentions of the sender (host) are uncertain. SPF can help the fight against spam and other kinds of unwanted e-mail be offering a way of authenticating the sending mail server.
|
||||||
|
|
||||||
# Tips and tricks for implementation
|
# Tips and tricks for implementation
|
||||||
to-do
|
* The sender address shown to the user ("5322.From header") is not used when authenticating. SPF uses the invisible "5321.From header". Combining SPF with DMARC removes this disadvantage.
|
||||||
|
|
||||||
# DNS records (outbound e-mail traffic)
|
# DNS records (outbound e-mail traffic)
|
||||||
SPF for outbound e-mail traffic is limited to publishing an SPF policy as a TXT-record in a domain name's DNS zone. This enables other parties to use SPF for validating the authenticity of e-mail servers sending e-mail on behalf of your domain name.
|
SPF for outbound e-mail traffic is limited to publishing an SPF policy as a TXT-record in a domain name's DNS zone. This enables other parties to use SPF for validating the authenticity of e-mail servers sending e-mail on behalf of your domain name.
|
||||||
|
Loading…
Reference in New Issue
Block a user