SPF
What is SPF?
SPF, or Sender Policy Framework, is an email authentication standard that lets a domain owner publish which mail servers are allowed to send email on behalf of that domain.
Examples
- A company adds an SPF record to DNS so receiving mail servers can check whether its approved Microsoft 365 servers are allowed to send email for the company domain.
- A marketing platform is added to a domain's SPF configuration so newsletters sent through that service are recognized as legitimate.
Discover 🔎
One of the biggest problems in email security is that it is easy to make a message look as if it came from someone else. An attacker can send a message that appears to come from a trusted company, school, or bank even when that organization never sent it. SPF was created to make that kind of deception harder.
The idea behind SPF is simple. If a domain owner knows which mail servers are supposed to send email for the domain, that information can be published in DNS. Then, when a receiving mail server gets a message claiming to be from that domain, it can check whether the sending server is actually on the approved list.
Summary 📝
SPF is an email authentication standard that lets a domain owner publish which mail servers are allowed to send email for the domain. It helps receiving mail systems check whether a message came from an authorized source, which makes spoofing harder. It is most valuable when the record is accurate, properly maintained, and used alongside other email authentication controls.