Sender Policy Framework (SPF): An Email Authentication Technique
Table of Contents
• Sender Policy Framework (SPF)
• Email Authentication
• The Way Email Authentication Works
• Standards of Email Authentication
• Compliance with SPF
• Limitations of SPF
Sender Policy Framework (SPF)
• SPF is an email authentication technique designed to prevent spammers from using one’s domain to send messages. It lets an enterprise publish its authorized mail servers. Together with the information related to DMARC, this tells the receiving system how trustworthy an email’s origin is. Only in combination with DMARC can SPF help detect forgery of the visible sender of an email.
• SPF lets the recipient mail server verify, at the time of delivery, that an email claiming to originate from a specific domain was submitted by an IP address authorized by that domain’s administrators. The list of authorized sending hosts and IP addresses for a domain is published in the DNS records for that domain.
Email Authentication
• Email authentication refers to a collection of standardized techniques that provide verifiable information about an email message’s origin. It helps to prove that an email is not forged and that it was sent by the very sender from whom it claims to have originated.
• Email authentication is used very frequently to prohibit harmful and/or fraudulent email practices.
• In the context of emails, a certain number of free emails are always provided in all web hosting plans. Web hosting is a service provided by web hosting companies that enables a website to remain up and running at all times. In web hosting, server space is leased to website owners so that they can store the files of their websites on it. The “Best Windows Hosting Company”, “Top Cloud Hosting Company” and the “Best Website Hosting Company in 2021” are terms frequently used to refer to web hosting companies that provide exceptional quality of hosting.
The Way Email Authentication Works
• Email authentication works in various ways; the general approach is as follows. An enterprise that sends emails establishes a policy. This policy specifies the rules that will authenticate emails from the enterprise’s domain name. The sender’s mail servers and other technical infrastructure are configured to publish and implement these rules. When the receiving mail server receives an email, it authenticates the message by comparing details of the incoming message with the predefined rules. The result of this authentication check decides how the receiving mail server acts: it can deliver the message, reject it, or flag it.
Standards of Email Authentication
• Email authentication relies on certain standardized technical solutions. These standards are DKIM (DomainKeys Identified Mail), SPF (Sender Policy Framework) and DMARC (Domain-based Message Authentication, Reporting and Conformance).
• Briefly, DKIM provides an encryption key and a digital signature to verify the authenticity of an email message and ascertain that it was neither fake nor altered. SPF lets senders define the IP addresses that are allowed to send mail for a particular domain. DMARC unites these two authentication mechanisms (DKIM and SPF) into a common framework. It enables domain owners to specify how an email that is from their domain and has failed an authorization test will be handled.
Compliance with SPF
Compliance with SPF entails the following tasks:
• Publishing a Policy
  Domains and hosts identify the machines that are authorized to send mail. This is accomplished by adding records to the existing DNS information. Every host or domain name that has an A record or MX record should have an SPF record. That SPF record specifies the policy that applies when the name is used either in an email address or as the HELO/EHLO argument.
• Checking and using SPF Information
  Receivers interpret the SPF information as per the specifications and then act on the result.
• Revising Mail Forwarding
  Since SPF doesn’t allow plain mail forwarding, there are alternatives to it:
  ◦ Remailing: the original sender is replaced with one that belongs to the local domain.
  ◦ Refusing.
  ◦ Allow listing on the target server: this ensures that a forwarded message will not be refused.
  ◦ Sender Rewriting Scheme: a complicated mechanism that handles the routing of non-delivery notifications to the original sender.
Limitations of SPF
• Despite being an effective technique that adds authentication to emails, SPF has certain limitations that one should be aware of. These are mentioned below, in no particular order:
• SPF does not validate the “From” header (the “header from”), which most clients display as the actual sender of a message. SPF instead uses the “envelope from” to ascertain the sending domain.
• When an email is forwarded, SPF breaks. The forwarder assumes the role of the new sender of the message, so the SPF checks performed by the new destination fail.
• SPF’s lack of reporting makes it difficult to maintain.
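The receiver-side check from "Compliance with SPF" and the header and forwarding limitations above, as an added example that is not part of the original slides: a Python evaluator for the ip4, ip6 and all SPF terms, run over constructed deliveries. The domains, addresses and records are constructed documentation values, and the exact-match domain comparison is a simplified stand-in for DMARC alignment.

```python
import ipaddress

# Constructed DNS TXT data using documentation names and address ranges.
TXT = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all",
    "forwarder.example.net": "v=spf1 ip4:198.51.100.25 -all",
}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def domain_of(address):
    return address.rsplit("@", 1)[-1].lower()

def spf_check(client_ip, envelope_from):
    """Evaluate the ip4/ip6/all subset of SPF against the envelope-from domain."""
    terms = TXT.get(domain_of(envelope_from), "").split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                        # no SPF policy published
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"
        mech, _, arg = term.lstrip("+-~?").partition(":")
        if mech.lower() == "all":
            return RESULTS[qualifier]
        if mech.lower() not in ("ip4", "ip6"):
            raise NotImplementedError(term)  # a, mx, include etc. are out of scope here
        try:
            net = ipaddress.ip_network(arg, strict=False)
        except ValueError:
            return "permerror"               # malformed policy
        if ip.version == net.version and ip in net:
            return RESULTS[qualifier]
    return "neutral"                         # nothing matched and no "all" term

def evaluate(client_ip, envelope_from, header_from):
    """Return (SPF result, whether the visible From domain is the one SPF checked)."""
    aligned = domain_of(envelope_from) == domain_of(header_from)
    return spf_check(client_ip, envelope_from), aligned

if __name__ == "__main__":
    cases = [  # constructed deliveries: (connecting IP, envelope from, header From)
        ("192.0.2.10", "alice@example.com", "alice@example.com"),     # direct send
        ("198.51.100.25", "alice@example.com", "alice@example.com"),  # plain forwarding
        ("198.51.100.25", "srs0@forwarder.example.net", "alice@example.com"),  # rewritten
        ("2001:db8::1", "alice@example.com", "alice@example.com"),    # IPv6 sender
    ]
    for case in cases:
        print(case, "->", evaluate(*case))
```

The third case passes SPF for the forwarder's own domain while the visible From belongs to a different domain, which is why the header comparison has to come from DMARC rather than from SPF itself.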
Thanks!
ANY QUESTIONS?
www.htshosting.org
www.htshosting.org/best-web-hosting-company-India
www.htshosting.org/best-windows-hosting
www.htshosting.org/best-cloud-hosting-company
