User:David MacQuigg/Sender Policy Framework

From Citizendium
< User:David MacQuigg
Revision as of 13:14, 19 October 2009 by imported>David MacQuigg (New page: '''Definition:''' Method for authenticating the return address on an email message. '''Sender Policy Framework (SPF)''' is an email authentication method that seeks to correlate the doma...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Definition: Method for authenticating the return address on an email message.

Sender Policy Framework (SPF) is an email authentication method that seeks to correlate the domain name in the envelope return address with the IP address of an SMTP client currently connected and waiting to send a message. While the client is still connected, and before receiving the message data, the server does a DNS query for an SPF record on the domain name.

If the IP address is listed in the SPF record, the authentication result is PASS, and the message may be processed in accordance with the reputation assigned to the domain. If the authentication result is FAIL, the message may be immediately rejected without any data transfer. Often, however, the result is neither PASS nor FAIL, but unclear. This is a result of the many domains that don't publish SPF records, or that have records giving unclear results.