Have a Question?

Categories

SPF records

You are here:
< All topics
Table of contents

What is the SPF record?

According to the original operation of the SMTP protocol, any computer could send an email with any sender address. As a result, spammers have a simple job as they can easily falsify the sender addresses (Return-Path headers). The SPF would remedy this by defining domain names by which servers can send a mail from the email address that belongs to that domain. This information must be published in the TXT record for that domain.

The SPF ignores a single important parameter in the SMTP operation of the email redirection. If a server is configured to redirect to a specific address and the server to which the mail is forwarded, it checks the SPF, then it will optionally reject a real mail as it is not transmitted by the server that was enabled in the SPF entry.

Solution attempts have been created for this problem, but all of these can only work if all servers on the Internet implement them.

Querying SPF record

For example, you can use the nslookup command in Windows to access record TXT, while under Linux the host command.

Example of a Windows-based nslookup query:

nslookup -q=TXT dotroll.com
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
dotroll.com     text =

        "v=spf1 mx a:staffmx.dotroll.com a:staffmx1.dotroll.com ip4:80.77.113.20 ip4:80.77.113.30 ip4:185.33.52.53 a:admin.dotroll.com a:online1.int.dotroll.com ~all"

Example of Linux based host query:

host -t TXT dotroll.com
dotroll.com descriptive text "v=spf1 mx a:staffmx.dotroll.com a:staffmx1.dotroll.com ip4:80.77.113.20 ip4:80.77.113.30 ip4:185.33.52.53 a:admin.dotroll.com a:online1.int.dotroll.com ~all"

SPF record format

The SPF record always begins with v=. This indicates the SPF version used. Currently, version spf1 must be configured, as this is the most common version of SPF that is understood by mail servers.

There may be one or more values after this version. These will determine which servers to send mail through the domain name.

Globally usable elements:

Usable elements Result Description
+ Pass Specifies the server through which you can send a mail, this is the default operating mode
Fail Specifies the server through which no mail can be sent
~ SoftFail Specifies the server through which you can not send mail but is temporarily enabled
? Neutral It determines that nothing can be said about validity

These elements can be used for the items listed in the table below.

Usable elements Description
ip4 IPv4 addresses can be specified in CIDR format that can deliver or forward the message through the domain name.
ip6 IPv6 addresses can be specified in CIDR format that can deliver or forward the message through the domain name.
a You can specify any host name that you can send or forward through a domain name.
mx You can enter any host server host name that you can send or forward through a domain name.
ptr You can specify any host name that you can send or forward through a domain name. Its use is not recommended.
exists If this value is set, the specified domain name records the record and if it finds a match between the specified IP addresses, it will allow the mail to be sent or forwarded via the domain name.
include You can specify any additional domain name that can be delivered or forwarded via the domain name.
redirect At the domain name, the current SPF record will be replaced by the SPF record of the domain name specified here.
exp A brief explanation of what to do after a letter is rejected
all This determines the strictness of the items set in the SPF record.

Adding SPF record

  1. Sign in with https://admin.dotroll.com with your username and password
  2. In the top menu bar, click the Domains / My Domains menu.
  3. Select the domain name for which you want to make the change and then click on it.
  4. In the Manage box on the left, select Manage DNS.
  5. At the bottom of the page, click Add.
    • In the first field, you can enter a subdomain name, or leave blank
    • the TTL value can be selected in the second field, but typically the default is 1 hour
    • select SPF from the next drop-down list.
    • set the desired values
  6. Then click Save Changes.

 

Was this article helpful?
0 out Of 5 Stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
How can we correct this article?
Please submit the reason for your vote so that we can improve the article.
Previous SOA record
Next SRV records