The Sender Policy Framework is a way of validating email messages. Email providers (like Yahoo and Google and your own mailserver) filter emails to prevent spam from reaching your inbox. To effectively filter the millions of emails that are sent and received every day, they use different methods to quickly determine whether a message is likely to be spam. SPF specifically minimizes email address spoofing, which can prevent you from sending legitimate email.

Spammers often forge or “spoof” email addresses. This means they send spam email that looks like it is coming from your domain. Spammers spoof your address to make it more likely that recipients will open spam emails and less likely that the messages will be marked as spam.

When someone sends spam using your domain name, most servers that receive the spam check your domain name to see if it has a SPF record. SPF records are a special type of DNS record. Specifically, it’s a list of the servers that are allowed to send email from your domain.

If a SPF record is present in your domain’s DNS zone file the server will then check to see if the mail originated from a server or IP that is listed in the SPF record. If the mail came from a SPF-listed source then the message is processed normally. If the mail did not originate from a server in the SPF list then the message is instantly rejected per the receiving server’s policies. So, adding an SPF record to your server makes your domain less likely to be spoofed. It’s not worth it for spammers to spoof email addresses when they know the vast majority of the spam will be rejected because of SPF.

The first indication of email spoofing is a lot of bounced emails coming into your inbox that look like they were sent from your email. Spammers send to huge lists of addresses; some of them will inevitably bounce. This is called “backscatter.” It’s a good idea to set up SPF records no matter what, but if you start getting backscatter, you definitely want an SPF record. If your address continues to be spoofed, it could affect your ability to send legitimate email.

When email providers receive email, they try to filter out spam and only deliver legitimate email. One way they do this is by blacklisting IP addresses that send spam email. If someone is spoofing your email address, your whole IP could end up on a blacklist and all the legitimate emails you send will be considered spam.

We recommend you add an SPF record for every domain you have. Now that you know what an SPF record is, learn how to add an SPF record to your DNS!

Was this article helpful?

Thank you for your input.

Thank you for your feedback.