How to add a SPF record for my mail accounts?

1. Introduction

The Problem: Sender Address Forgery.

Today, nearly all abusive e-mail messages carry fake sender addresses. The victims whose addresses are being abused often suffer from the consequences, because their reputation gets diminished and they have to disclaim liability for the abuse, or waste their time sorting out misdirected bounce messages. You probably have experienced one kind of abuse or another of your e-mail address yourself in the past, e.g. when you received an error message saying that a message allegedly sent by you could not be delivered to the recipient, although you never sent a message to that address. Sender address forgery is a threat to users and companies alike, and it even undermines the e-mail medium as a whole because it erodes people's confidence in its reliability. That is why your bank never sends you information about your account by e-mail and keeps making a point of that fact. But it does not have to be this way!

The Solution: SPF

The Sender Policy Framework (SPF) is an open standard specifying a technical method to prevent sender address forgery. SPF allows the owner of a domain to specify their mail sending policy, e.g. which mail servers they use to send mail from their domain. The technology requires two sides to play together: (1) the domain owner publishes this information in an SPF record in the domain's DNS zone, and when someone else's mail server receives a message claiming to come from that domain, then (2) the receiving server can check whether the message complies with the domain's stated policy. If, e.g., the message comes from an unknown server, it can be considered a fake.

2. How it can be implemented for your Domain.

If all your outgoing emails go through Mail Server of your Internet Service Provider (ISP) it is necessary to configure an appropriate SPF record. Let's consider an example of SPF configuration for host2day.gr domain and OTEnet ISP, where all outgoing emails go through the mailgate.otenet.gr (Mail Server of OTEnet). After your email is delivered to mailgate.otenet.gr begins its transmission to OTEnet's Outgoing Mail Servers which should be added to the SPF record of host2day.gr. Here is a list of OTEnet's Outgoing Mail Servers:

  • aiolos.otenet.gr
  • rosebud.otenet.gr
  • mailgate.otenet.gr
  • kane.otenet.gr
  • runner.otenet.gr
  • dionisos.otenet.gr

Let's add them through the Hosting Control Panel of host2day.gr:

Open https://host2day.gr:8443/ and press DNS Settings

Press on TXT record host2day.gr:

You can see the current SPF record:

which should be changed to the following record to match our servers list:

v=spf1 +a +mx +a:aiolos.otenet.gr +a:rosebud.otenet.gr +a:mailgate.otenet.gr +a:kane.otenet.gr +a:runner.otenet.gr a:dionisos.otenet.gr –all

Important: Don't change the syntax rule. If you need to add for example a new Mail Server newserver.otenet.gr please change the record like that:

v=spf1 +a +mx +a:otenet.gr +a:aiolos.otenet.gr +a:rosebud.otenet.gr +a:mailgate.otenet.gr +a:kane.otenet.gr +a:runner.otenet.gr a:dionisos.otenet.gr a:newserver.otenet.gr –all

It can be necessary when OTEnet changes the names of Mail Servers or adds new ones.

Save

  • 1 Χρήστες που βρήκαν αυτό χρήσιμο
Ήταν χρήσιμη αυτήν την απάντηση;

Σχετικά Άρθρα

Inspecting Postfix’s email queue

Για να δείς το περιεχόμενο της ουράς μηνυμάτωνpostqueue -p | morethe above commands display all...

Πώς μπορώ να δω τα email μέσω WEB (webmail);

Για να συνδεθείτε σε έναν λογαριασμό e-mail του hosting σας μέσω web πηγαίνετε στην εξής...