Many people think of sunscreen when they hear SPF. In the technology world, SPF isn’t the measurement for blocking UV rays, but instead, it is the mechanism for blocking phony emails.
SPF stands for Sender Policy Framework, which is actually a pretty simple system for validating emails. The system, when working properly, detects email spoofing. Spoofing is the practice of creating and sending an email with a false sender address. This is done by malicious groups to send viruses or steal information. However, they spoof an email address you might trust, so you will open the attachments, and they’ll have access to your files. For example, you could get an email from your bank, asking for your banking account information to sign you up for a special promotion. It could actually be a spoofed email sent from someone trying to steal your account information.
SPF works by checking to make sure that mail from a certain domain is legitimate. It does this by comparing the mail from a certain domain with the acceptable hosts from that domain’s administrators. Essentially, your bank will approve a certain number of domains and hosts to send them. If you get an email you think is from your bank, but it isn’t actually one of the approved hosts, an SPF record tool will inform you that this is likely a spoofed email.
How it Works
The original email protocol, the Simple Mail Transfer Protocol (SMTP), allows pretty much anyone to send an email and claim that it’s from pretty much any source address. Spammers and spoofers use this to send emails from forged email addresses. That way, you cannot trace the email back to whomever sent it, nor can you identify who it was. It is also used in phishing expeditions, as was discussed earlier. Phishing is a technique of trying to convince users to disclose private information, such as bank account numbers.
SPF works by allowing a domain owner to designate which senders or computers are authorised to send from that address. SPF works by using Domain Name System (DNS) records. When someone attempts to send an email along the Simple Mail Transfer Protocol dialog, the sender’s address is transmitted first. If the SPF server rejects the sender’s address, the person receives a message saying that he or she is not an authorised client to relay a message.
The system is not completely perfect because spammers can still send emails from one of the accepted computers. However, going into another computer to send an email makes you much easier to trace.
You also have the option of using something to check the SPF without actually employing the sender protocol framework yourself. That would be like a website in which you enter the domain name of a sender into the tool. The tool will then check to see if the domain name you entered is authorised to send emails from that address. That is probably the easiest way to stay safe. If you ever get the notion that something is off, you can quickly check for yourself.