User:David MacQuigg/Sender Policy Framework: Difference between revisions
imported>David MacQuigg (New page: '''Definition:''' Method for authenticating the return address on an email message. '''Sender Policy Framework (SPF)''' is an email authentication method that seeks to correlate the doma...) |
imported>David MacQuigg No edit summary |
||
| Line 1: | Line 1: | ||
'''Definition:''' Method for authenticating the return address on an email message. | '''Definition:''' Method for authenticating the return address on an email message. | ||
| Line 5: | Line 4: | ||
If the IP address is listed in the SPF record, the authentication result is PASS, and the message may be processed in accordance with the reputation assigned to the domain. If the authentication result is FAIL, the message may be immediately rejected without any data transfer. Often, however, the result is neither PASS nor FAIL, but unclear. This is a result of the many domains that don't publish SPF records, or that have records giving unclear results. | If the IP address is listed in the SPF record, the authentication result is PASS, and the message may be processed in accordance with the reputation assigned to the domain. If the authentication result is FAIL, the message may be immediately rejected without any data transfer. Often, however, the result is neither PASS nor FAIL, but unclear. This is a result of the many domains that don't publish SPF records, or that have records giving unclear results. | ||
=== Limitations === | |||
=== How it works === | |||
==== Explanatory notes ==== | |||
=== Bibliography === | |||
{{r|http://tools.ietf.org/html/rfc4408 RFC-4408}} - "Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1", M. Wong, W. Schlitt, 2006. | {{r|http://tools.ietf.org/html/rfc4408 RFC-4408}} - "Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1", M. Wong, W. Schlitt, 2006. | ||
{{r|http://www.openspf.org Sender Policy Framework}} - project website | {{r|http://www.openspf.org Sender Policy Framework}} - project website | ||
Revision as of 14:16, 19 October 2009
Definition: Method for authenticating the return address on an email message.
Sender Policy Framework (SPF) is an email authentication method that seeks to correlate the domain name in the envelope return address with the IP address of an SMTP client currently connected and waiting to send a message. While the client is still connected, and before receiving the message data, the server does a DNS query for an SPF record on the domain name.
If the IP address is listed in the SPF record, the authentication result is PASS, and the message may be processed in accordance with the reputation assigned to the domain. If the authentication result is FAIL, the message may be immediately rejected without any data transfer. Often, however, the result is neither PASS nor FAIL, but unclear. This is a result of the many domains that don't publish SPF records, or that have records giving unclear results.
Limitations
How it works
Explanatory notes
Bibliography
- [RFC-4408] [r]: Add brief definition or description - "Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1", M. Wong, W. Schlitt, 2006.
- [Sender Policy Framework] [r]: Add brief definition or description - project website