Unofficial DreamHost Blog

DreamHost just started to test automatic SPF record generation.

Sender Policy Framework is designed to help reduce mail forgery. It does so by confirming that a mail server sending e-mail from your domain is authorized to do so (those that aren’t are probably spammers or viruses spoofing your e-mail address).

Mail servers that receive SMTP e-mail verify the envelope sender address against the information in DNS, and thus can distinguish between authentic messages and forgeries before any message data is transmitted.

DreamHost’s tool lets you indicate if your domain never sends mail or you can choose the default settings, which adds a TXT entry to your DNS settings with all DreamHost’s SMTP servers’ IP-addresses. You also have the option to add additional custom SPF records, which is useful if you use your ISP’s SMTP server or you send email through your website.

SPF is not really an anti-spam solution. It does, however, help reduce bounces from spam runs with forget sender-addresses, and should make it more practical to, for example, whitelist/blacklist certain domains and filter mail for others more aggressively.

Anyone who has ever gotten the bouncebacks, hate mail, spam complaints, etc. from a spam run forged with their domain, will appreciate the work of SPF.

If SPF becomes widely adopted, it will become much harder for spammers to spoof other peoples’ domains. SPF is currently supported by AOL, Gmail, Hotmail/MSN and many more. 

More info in: SPF: A Sender Policy Framework to Prevent Email Forgery

This entry was posted on Wednesday, February 22nd, 2006 at 15:14 and is filed under DreamHost, Features. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.