Spam free email tools   Spam filtering | Advice pages Disposable email accounts Securing Email Servers DNS Blacklists Sender Policy Framework (SPF) Report Spam Email   Anti Spam software   About this site   Home  

The Sender Policy Framework

If you host your own mail server, (such as Exim), you should be able to configure your server to filter incoming email based on the SPF record of the domain, (if one exists).

Also, if your ISP allows you to edit the TXT SPF record for your domain, you can set this to allow others to reject mail which claims to be from you but originated elsewhere.

SPF rules

The following is a quick overview of how SPF rules are written, please do not use it as a definitive guide, check out the Sender Policy Framework website for full documentation.

The basic SPF options are:

all

What to do with everything not otherwise defined.

a

Domain name ‘A’ record. Allow mail where the IP address matches the A record for the domain.

mx

Match IP against server listed in MX record for domain.

ptr

The hostnames for the client IP are checked using PTR. At least one A record for a PTR hostname must match the IP.

ip4

An IPv4 network range

ip6

an IPv6 network range.

...and the following qualifiers may be used

-

Fail

~

Soft-fail (accept but mark)

+

Pass

?

Neutral

Examples:

v=spf1 a mx -all
The domain IP address (listed in the A record), and the listed MX for the domain can send mail for the domain, all others are prohibited.

v=spf1 -all
The domain sends no mail at all.