SPF is the abbreviation for “Sender Policy Framework”. With this method, mail servers can check whether the mail they receive actually originates from the declared host server. This SPF check is carried out fully automatically in the background; as the end user, you will not notice any of this.
In simple terms, the SPF specifies which mail servers are allowed to send mail for the A domain is a name that is unique and unambiguous worldwide on the Internet. The domain can be used for websites and emails. . The mail servers are identified by their name or • Internet protocol: IP is responsible for addressing a data packet. IP encapsulates the data packet that is to be transmitted and adds an address header. The header contains information about the IP addresses of the sender and recipient. The order in which the packets are sent or received is irrelevant to the protocol. It also does not guarantee that... address.
Example: A mail from the sender email@example.com may only be sent via one of the following IP addresses: 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206 . In the SPF record of the domain gmx.com So these IP addresses are listed. The receiving mail server can now check whether the IP address it reads in the header of the mail is on this list or not.
the List of authorized mail servers is on the name server (Domain Name System (DNS) is a decentralized search service that translates a human-readable domain name or URL into the IP address of the server hosting the website or service. This characteristic of the worldwide distribution of DNS is an important component of the Internet. DNS has been used since 1985. A DNS server serves two purposes. The first is to...) of the sending domain – in our example gmx.com – stored and can be called up there by every receiving mail server.
The SPF record
The SPF record is entered as a DNS record in the domain zone of the responsible DNS (name server) of the domain, namely as a TXT record. The entry contains a list of the IP addresses from which mails from this domain can be sent. There are also other entries, e.g. B. for the mail filter server mentioned above, which a mail has to go through before it finds its way to the recipient. Such “intermediate stations” are often with the include -Instruction entered. Below is an explanation of the most common Parameters of the SPF record :
|v||Version of the record; v = SPF1 indicates the currently valid version.|
|ip4||IP address; “IP4” is the name for the well-known form of the IP address. There are also the new IP6 addresses, which are, however, even less common.|
|-Alles||All other senders not listed here are not authorized and should be rejected.|
|include||Specifies other domains whose SPF record should also be retrieved.|
In addition to the one listed above -Alles there is also the version with the tilde: ~ all . This indicates that all other senders are not authorized, but should still be accepted. This “soft fail” declaration was originally introduced for test purposes, but is now used by various hosting providers.
Source: https: //www.ionos.de/digitalguide/e-mail/e-mail-sicherheit/was-ist-ein-spf-record/