Set up SPF
SPF (Sender Policy Framework) is used to restrict which mail servers are allowed to send email for your domain name. This framework is designed to detect and block email spoofing by providing a mechanism to allow receiving mail exchangers to verify that incoming mail from a domain comes from an IP Address authorized by that domain's administrators. The list of authorized sending hosts and IP addresses for a domain is published in the DNS records in the form of an SPF record which is a specially formatted TEXT record.
An example of an SPF would be : example.com. TXT "v=spf1 -all"
To Set up SPF for a Domain
Existing SPF record
If you have an existing SPF record, you should add "include:spf.mtaroutes.com".
Create new SPF record
- If you do not have an existing SPF record, you need to create one using the following:
- v=spf1 is the version of spf
- include:spf.mtaroutes.com uses the SPF record on mtaroutes.com (the Mail Assure server)
- -all means EXCLUDE everything else
another example you can use is:
... where you need to replace the ip4 entry with your mail server address.
Open SPF - http://www.openspf.org/
SPF wizard - https://www.spfwizard.net/
Depending on your domain's current Time to Live (TTL), this may take up to 24 hours to propagate.
SPF checking will prevent any targeted spoofs. If required, you will need to add any intentional spoofing to your SPF records or whitelist the sender (whitelisting the sender is a last resort as this can also be spoofed).