Home Page Knowledge Base Email - Spam Email Creating SPF Records
Knowledge Base
Creating SPF Records
What is a .spf record?
This stands for Sender Policy Framework. It is basically as technical way of stopping email forgery.


What do you mean by email forgery?
Virtually all unwanted email (Spam, Phishing, Scams, Worms/Viruses etc.) use forged message headers, where the sender uses someone else's email address details on the emails they send out.


Why would they do this?
Three reasons:

1) Most spam emails don't need replying to, they instead provide a link to website or similar. Therefore the Spammer does not want to be getting all the replies and more importantly all the failed/bounced emails that could not be delivered - so they use another address so all the unwanted replies go there instead

2) Phishing Emails are specifically designed to impersonate banks or other organisations, so will always show up as coming from some well known institution.

3) Most other unwanted emails just want to confuse the receiver of the email who may not understand that the "from" address does not always show the true origin of the email, and chances are the recipient will start making complaints against some innocent party who has had they email address forged.


So what exactly does an SPF record do?
In simple terms, an SPF record allows the owner of a domain to specify which mail servers are allowed to send email on behalf of that domain name.

So for example, if you are a Daily.co.uk customer then you will be sending email via our outgoing SMTP server: mail.daily.co.uk.

If someone was 'spoofing' or forging your email address, then they would be using their own mail server somewhere to send email, not ours


So how does this work then?
You would send an email as normal, however if you have set up an SPF record (i.e. saying that it's only valid if it has come from mail.daily.co.uk) then when the email arrives at it's destination, the receiving server looks up the SPF record and performs a check to ensure that the email has really come from mail.daily.co.uk.

If it finds that it hasn't, then it will consider it a fake or spoofed email and reject it.


And this all works?
Yes, but remember it does take two for this to work.

It's fine you creating an SPF record for mail you send, but for it to work then the receiving email server needs to enforce them. Many mail servers do support SPF one way or another though.


So how do I set up an SPF record?

1) Log into your MyDaily Control Panel, by selecting the 'Customer Login' option on daily.co.uk:

Knowledge Base Image


2) Select the option for 'Domains':

Knowledge Base Image


3) Then select the option for 'Manage DNS'

Knowledge Base Image


4) You will then be presented with the 'Manage DNS' page.

Knowledge Base Image


5) You can then create a TXT Record for your domain name, containing the SPF record.

This would usually be for the domain name (e.g. "my-domain-name.com"), rather than a sub-domain address (e.g. "mail.my-domain-name.com"). The hostname to enter for this would be "@".

For example, if you own my-domain-name.com and only send mail via our mail servers then the record could look like this:

@ v=spf1 mx mx:mx.daily.co.uk ip4:195.26.90.71/28

The @ symbol represents your domain and is added to the Hostname textbox, which is the text box directly underneath the "Add New Record" heading.

Select the "TXT" option from the drop-down menu and then add the text for the SPF record to the "Data" text box.

Once done click on "Update DNS" to save the changes.

There is a good Setup Wizard available on the Internet for generating your records.


Last Updated: 20/01/2015
Article ID: 1111
Was this article helpful?
Very Helpful
Helpful
Unhelpful
Very Unhelpful
Knowledge Base home page
Support home page
Support Glossary
Support Glossary
Home Page Knowledge Base Email - Spam Email Creating SPF Records
Open sidebar nav
[close] Alert:
OK Cancel