top of page

What is SPF?

Do you use Sender Policy Framework to restrict spoofing?

After commercial organizations in the late 1990s began to suffer from email impersonation, an authentication technique, Sender Policy Framework (SPF), was devised to stop spammers from emailing on behalf of your domain. If your organization sends emails from your own email domain, it is wise to enable a Sender Policy Framework (SPF). Sender Policy Framwork (SPF) is a protocol that allows you to restrict the spread of spam or other fake content on your behalf.   If you become a victim of spoofing, cyber criminals use your email domain to send fake emails. This mainly concerns spam and phishing e-mails, through which they can scam and this case with a fake e-mail on your behalf. To limit this, enable the Sender Policy Framework protocol. This helps verify that an email actually comes from one of your email systems. SPF in combination with the standards DKIM  and DMARC ensures that spoofing on your behalf is stopped.

Email is send with DKIM Mail server DNS server Does Not Match SPAM INBOX Match

An SPF record helps you to keep your emails out of spam

With the SPF protocol it can be verified whether an e-mail actually comes from you or whether your e-mail address is being misused. In your DNS (Domain Name System) you add an SPF record to indicate which e-mail systems, based on their IP address, are allowed to send e-mails on behalf of your organization. Other e-mails will be marked as suspicious by the recipient and therefore blocked by a spam filter. Especially if you have ever been a victim of spoofing, there is a risk that companies and organizations have blocked your domain name, so that your own e-mail is blocked. In an SPF record you add the IP addresses of all systems that are allowed to send e-mails on behalf of your organization. When receiving an email, the recipient of the email will match the “Envelope from” address (the Return-Path header) of the email with the contents of the SPF record. This happens before the entire message is received. When the sending email server is not included in the SPF record of a specific domain, the email from this server will be marked as suspicious and most probably rejected by the email recipient.

With the help of Kevlarr, your email complies with the SPF protocol

Using an SPF protocol is now almost standard if you want to protect your mail servers as optimally as possible. The purpose of SPF is to reduce email spoofing and spam by determining whether the sender of an email message is authorized to send on behalf of the stated sender of the message. Since following such a protocol is a technical act that requires expertise, you can engage the experts at Kevlarr for this. Of course we don't stop after correctly setting up the SPF protocol on your domain. One of the shortcomings of the SPF protocol is that the number of addresses that are included in the SPF record, and that must also be looked up, may not exceed 10. We have the right tools and knowledge to set up the SPF record in such a way that it complies with the SPF protocol. We see the SPF protocol as one part of the puzzle. To fully protect you, we also make sure that DKIM  and DMARC   are correctly configured. Feel free to let us check the rest of your mail domain settings so we can uncover any potential vulnerabilities and optimize security. 

"78% of people claim to be aware of the risks of unknown links in emails. And yet they click…"

bottom of page