
SPF records

WHAT IS THE SPF RECORD?

In the original design of the SMTP protocol, any computer can send an email with any sender address. This makes spammers' work easy, because they can simply falsify the sender address (the Return-Path header). SPF remedies this by letting a domain define which servers may send mail from email addresses that belong to that domain. This information must be published in a TXT record for the domain.

SPF does not account for one important part of SMTP operation: email forwarding. If a server is configured to forward mail to a specific address, and the server that receives the forwarded mail checks SPF, that server may reject a genuine message because it was not delivered by a server authorized in the SPF record.

Attempts have been made to solve this problem, but all of them work only if every server on the Internet implements them.

QUERYING SPF RECORD

For example, you can query the TXT record with the nslookup command on Windows, or with the host command on Linux.

Example of a Windows-based nslookup query:

nslookup -q=TXT dotroll.com
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
dotroll.com     text =

        "v=spf1 mx a:staffmx.dotroll.com a:staffmx1.dotroll.com ip4:80.77.113.20 ip4:80.77.113.30 ip4:185.33.52.53 a:admin.dotroll.com a:online1.int.dotroll.com ~all"

Example of a Linux-based host query:

host -t TXT dotroll.com
dotroll.com descriptive text "v=spf1 mx a:staffmx.dotroll.com a:staffmx1.dotroll.com ip4:80.77.113.20 ip4:80.77.113.30 ip4:185.33.52.53 a:admin.dotroll.com a:online1.int.dotroll.com ~all"

SPF RECORD FORMAT

The SPF record always begins with v=, which indicates the SPF version used. Currently, version spf1 must be configured, as this is the most common version of SPF that is understood by mail servers.

One or more values may follow the version. These determine which servers may send mail for the domain name.

Globally usable elements:

Usable elements   Result     Description
+                 Pass       Specifies a server that may send mail; this is the default operating mode
-                 Fail       Specifies a server that may not send mail
~                 SoftFail   Specifies a server that may not send mail but is temporarily enabled
?                 Neutral    States that nothing can be said about validity

These elements can be used with the items listed in the table below.

Usable elements   Description
ip4               IPv4 addresses, which can be specified in CIDR format, that may deliver or forward messages for the domain name.
ip6               IPv6 addresses, which can be specified in CIDR format, that may deliver or forward messages for the domain name.
a                 Any host name that may send or forward mail for the domain name.
mx                Any mail server (MX) host name that may send or forward mail for the domain name.
ptr               Any host name that may send or forward mail for the domain name. Its use is not recommended.
exists            The specified domain name is looked up, and if the lookup finds a match, the mail may be sent or forwarded for the domain name.
include           Any additional domain name whose servers may deliver or forward mail for the domain name.
redirect          The domain name's current SPF record is replaced by the SPF record of the domain name specified here.
exp               A brief explanation of what to do after a message is rejected.
all               Determines the strictness of the items set in the SPF record.
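
As an added illustration (not DotRoll's own code), the following Python sketch splits an SPF record into the elements listed in the two tables above and flags a few settings worth reviewing. The function names parse_spf and all_policy are hypothetical, and the sample input is the record returned by the queries shown earlier on this page.

```python
import re
# Added example; parse_spf and all_policy are hypothetical names.
QUALIFIERS = {"+": "Pass", "-": "Fail", "~": "SoftFail", "?": "Neutral"}
MECHANISMS = {"ip4", "ip6", "a", "mx", "ptr", "exists", "include", "all"}
MODIFIERS = {"redirect", "exp"}  # written name=value and take no qualifier

# The record returned by the nslookup/host queries shown on this page.
SAMPLE = ("v=spf1 mx a:staffmx.dotroll.com a:staffmx1.dotroll.com "
          "ip4:80.77.113.20 ip4:80.77.113.30 ip4:185.33.52.53 "
          "a:admin.dotroll.com a:online1.int.dotroll.com ~all")


def parse_spf(record):
    """Split an SPF record into (result, name, value) terms plus warnings."""
    parts = record.split()
    if not parts or parts[0].lower() != "v=spf1":
        raise ValueError("not an SPF record: it must begin with v=spf1")
    terms, warnings = [], []
    for part in parts[1:]:
        key, eq, val = part.partition("=")
        if eq and key.lower() in MODIFIERS:
            terms.append(("modifier", key.lower(), val))
            continue
        # No qualifier means "+", the default operating mode.
        qual, body = (part[0], part[1:]) if part[0] in QUALIFIERS else ("+", part)
        name = re.split(r"[:/]", body, maxsplit=1)[0].lower()
        value = body[len(name):].lstrip(":")
        if name not in MECHANISMS:
            warnings.append(f"unknown element: {part}")
            continue
        if any(t[1] == "all" for t in terms):
            warnings.append(f"{part} comes after 'all' and is never evaluated")
        if name == "ptr":
            warnings.append("ptr is not recommended")
        if name == "all" and qual == "+":
            warnings.append("+all lets any server pass for this domain")
        terms.append((QUALIFIERS[qual], name, value))
    if not any(t[1] in ("all", "redirect") for t in terms):
        warnings.append("no 'all' or 'redirect' term: strictness is not set")
    return terms, warnings


def all_policy(terms):
    """Result applied to senders matching nothing else, or None if no 'all'."""
    return next((res for res, name, _ in terms if name == "all"), None)


if __name__ == "__main__":
    print(*parse_spf(SAMPLE), sep="\n")
```

For the record on this page the parser returns nine terms, no warnings, and a SoftFail result for all.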

ADDING SPF RECORD

  1. Sign in at https://admin.dotroll.com with your username and password.
  2. In the top menu bar, click the Domains / My Domains menu.
  3. Select the domain name for which you want to make the change and then click on it.
  4. In the Manage box on the left, select Manage DNS.
  5. At the bottom of the page, click Add.
    • In the first field, you can enter a subdomain name or leave it blank.
    • In the second field, you can select the TTL value; the default is typically 1 hour.
    • Select SPF from the next drop-down list.
    • Set the desired values.
  6. Then click Save Changes.