The Chillidog Software Blog

The ramblings of a developer

SPF isn't just for sunscreen; Sender Policy Framework (SPF) for Email

Basically, SPF is a way for mail servers to verify that the sender of an email is authorized. This is a popular way to fight spammers who spoof the email address to make it look like it comes from you.

From Wikipedia:

Sender Policy Framework (SPF) is anemail validation system designed to preventemail spam by detectingemail spoofing, a common vulnerability, by verifying senderIP addresses. SPF allows administrators to specify whichhosts are allowed to send mail from a given domain by creating a specificSPF record (or TXT record) in theDomain Name System (DNS).Mail exchangers use the DNS to check that mail from a given domain is being sent by a host sanctioned by that domain's administrators.

If you use Google Apps for your domain, you're going to want to see this help document on the topic. You will need to add the following TXT record to your DNS:

v=spf1 ~all

Google Apps SPF Record

If you don't use Google Apps, don't worry. Try out the following code:

v=spf1 a mx ~all

This will use your default MX records as the validation destination.