In DNS (Domain Name System) an SPF record stands for sender policy framework and these SPF records indicate whether an email server is verified for a particular domain in order to prevent spoofing.
Email spoofing is a rather easy way to gain entry into a network. Malicious attackers can fake headers or email addresses to appear as a trusted person on the other end of an email. In order to prevent spoofing or at least mitigate some of these malicious attacks, admins can use SPF records in their DNS zones. An SPF (sender policy framework) record lists all of the servers that are allowed to send emails for a particular domain. This way, a receiving email server has an incoming email, it may check the spf record using a DNS lookup to make sure that the sending server is, in fact, on the verified list of sending email servers for that specific domain.
An SPF record is actually a type of DNS TXT record, perhaps the most common type. An SPF is different from an MX (Mail Exchange) record, though. An MX record contains the DNS name information of a mail server in a particular zone or domain for which a client can use to send email. Whereas the SPF record will contain the list of names of mail servers so that incoming mail can be verified as safe by either a mail server or a specialized email security solution. An SPF check in many cases is only one test carried out to ensure an email is safe to open.
You can check for SPF records in a few ways, but two of the most popular are to use the DIG or nslookup. If you don’t have DIG installed you can use Men&Mice's online DIG tool.
To look for SPF records you’ll want to specify the type as TXT and then look for information resembling the spf record above such as:
“v=spf1 a mx -all”
For example, when I use nslookup at the command line I’ll type in: Nslookup -type=txt google.com
One of the records in the output is the following:
The way you set up an SPF record will depend on what you’re using for DNS management. If you’re using Micetro to create a new SPF record then you will do the following: