SPF Records for domains

Phew, I’ve been a really busy bee for the last few weeks and haven’t even had time to blog. One of the things I finally managed to study and implement during this time are SPF records (Sender Policy Framework).

SPF records are used to verify if an email was sent from where it claims to originate. Since most spam and viruses try to fake this information, SPF can help fight these menaces. Gmail and Hotmail have already started checking for these, though no action is taken against messages with invalid or non-existent records (at least not for Gmail. I didn’t test Hotmail).

More details at these links:

http://www.zytrax.com/books/dns/ch9/spf.html http://spf.pobox.com/howworks.html

It looked like something that might require a lot of work, but it turned out that all I needed were a few entries in the domains’ zone files. At least it’s that simple if you’re the sender of an email message and have some level of control over your domain’s DNS. I have yet to see how I can use SPF to control incoming spam and viruses. It also might be as simple as adding an ACL in Exim’s conf file, but it’s a job for another day.