SPF: security for your email
To protect your email from cyber attacks, you must be able to identify the sender. This is where a security feature known as SPF comes into play.
In this article we will explain what it is and why you should care about it. Let us begin:
What is SPF?
The Sender Policy Framework is an email security protocol that allows the identity of senders to be verified.
This is divided into two parts:
A DNS TXT/SPF record : which indicates which servers are authorized to send emails from a given domain.
The SPF check : is the verification that is done on receiving a message and that checks if the server that has sent the message is indeed the one that the DNS record marks as authorized.
How does SPF work ?
The SPF check checks that the sending server is authorized to send mail on behalf of the domain.
It works at various levels, based on the DNS TXT/SPF record:
1.- Verify that the sender IP is authorized to send emails with said domain.
2.- Verify the email enveloper sender field matches the expected value.
3.- Verify by means of the helo/ehlo command the valid response from the server that sends the mail.
If the set of checks does not match, the email is blocked. All received emails have a header added with the result of the SPF analysis.
Now, how do we find out the IP addresses of the sender’s email server? We do this by checking the SPF record of the sender’s domain name.
In cdmon this default log looks like this:
v=spf1 include:_spf.srv.cat ~all
At first glance, this does not seem to include any IP addresses, but if we analyze it with a specialized tool, it indicates the IPs from which a cdmon user can send messages:
This means that if a cdmon user works with the default SPF record, they will be able to send messages from any of these IPs:
In case of working with more than one mail service (such as a mailing service such as Acumba or Mailchimp), it will be necessary to add their servers as authorized hosts for sending.
Remember that you can only have a single SPF record, so if you have to make this change, we recommend that you follow the steps indicated in our guide to configure it for mail in the static DNS or follow the instructions in the following video:
But why do we need email security?
This can prevent scams and phishing attacks that can steal your information. Also, knowing the identity of the sender can protect you from spoofed emails and people pretending to be someone else.
With SPF, you can feel more confident that your email account is protected.