SPF (Sender Policy Framework)

SPF stands for Sender Policy Framework. It is an authentication protocol which when used allows senders to specify which IP addresses are authorized to send email on behalf of a particular domain. To ensure that your customers and your brand is protected from phishing and spoofing attacks, you need to authenticate your email with a SPF record.

Advantages of creating SPF Record

  1. Your sending IP Address is less likely to be blacklisted
  2. Your domain is less attractive to fraudsters which protects you from phishing and domain spoofing attacks

Creating a SPF Record

  1. Make a list of IP Addresses: Create a list of IP Addresses you would be using to send emails from your domain.
  2. Make a list of sending domains: It is important that you create SPF record for all domains that you control, irrespective of whether you are sending emails from that domain or not. This protects all your domains from being spoofed.
  3. Create your SPF record:
    1. Start with v=spf1 (version 1) tag and follow it with the IP addresses that are authorized to send mail. For example, v=spf1 ip4:121.168.0.1 ip4:100.168.0.2
    2. If you use a third party email service provider like Pepipost to send emails on behalf of your business domain, you must add an “include” statement in your SPF record E.g. v=spf1 include:pepipost.com to designate Pepipost as a legitimate sender.
    3. Once you have added all authorized IP addresses and include statements, end your record with an ~all or -all tag.
  4. Publish your SPF record to your DNS: To publish your SPF record, you need to be able to edit the DNS zone file on your hosting service. Hosting service providers like GoDaddy or BlueHost make it fairly easy to update DNS records.