Sender Permitted FromSender Permitted From
is an extension to SMTP
, also called SMTP+SPF, designed to help relieve spam
. It works by letting a domain specify who is eligible to transmit e-mail
for itself, using special codes in the TXT DNS
The exact specifications may change, but as of writing, the records are laid out like this (in typical DNS-syntax):
wikipedia.org IN TXT "v=spf1 mx ptr default=deny"
"v=" defines the version of SPF used, the following words provides the methods to use to determine if a domain is eligible to send mail, and the "default=" defines how to treat non-matching hostnames.
The following methods are defined:
- A - If the domain name has an A record corresponding to the sender's address, it will match. (That is, the mail comes directly from the domain name.)
- MX - If the domain name has an MX record resolving to the sender's address, it will match. (That is, the mail comes from one of the domain's mail servers)
- PTR - If the sender reverse-resolves to a domain ending in the domain name, match.
- IP4 - If the sender is in a given IPv4 range, match.
- IP6 - If the sender is in a given IPv6 range, match.
- EXISTS - If the given domain resolves, match (no matter the address it resolves to).
SPF only keeps spammers
from forging the domain names given in the From-addresses of an email, it does not keep them from sending from their own domains.