What is SPF (Sender Policy Framework)?

What is SPF?

SPF stands for Sender Policy Framework. It's an email authentication protocol that is published in the DNS records of a sending domain.

It gives a list of IPs, mail servers, and sending applications that are authorized to use this domain to send emails. As this list is public, the receiving server will be able to compare it with the IP or sending application of the incoming email.

It allows:

• The receiver to verify the authenticity of the sender, to avoid spam or scam like phishing or spoofing.
• The sender to protect his domain from malicious and unauthorized activities that could affect its trustworthiness.

Why is it important?

As for any email authentication protocols, having SPF properly set improves the deliverability of emails sent from this domain. Indeed, some email servers can block the access to email with no SPF record published.

In the same way, your domain has less chances to be blacklisted or have a bad SpamAssassin grade if it has a SPF record published.

In a nutshell, having SPF properly setup will make your emails more secure while increasing your deliverability.

Example of SPF record

I own the domain "mailook.ai" and I'm using Google Workspace to send emails, as well as Sendgrid for marketing purposes.

‍

I will publish this SPF record in my DNS:

v=spf1 include:_spf.google.com include:sendgrid.net ~all

‍

We can decompose this SPF record into 3 parts:

‍

I. The version of the SPF protocol. It always stays the same.

v=spf1

‍

II. The "list" of authorized applications and/or servers that can send emails with the domain "mailook.ai".

include:_spf.google.com include:sendgrid.net

‍

III. The mechanism used. Basically, it indicate what will happen if an email using the domain "mailook.ai" is sent from an unauthorized sending application or IP.

~all

‍

In that case, the email that doesn't pass the SPF test will be automatically sent in spam.

📹 Video explanation