The Role of the DNS’s SNF Record

Before going into technical aspects, we use email as our main communication tool for business, the impact of misconfiguration, negligence, and the lack of education can rebound into chaos.

The internet is not a 100% secure environment and is very fragile, and so emails are, almost every fraudulent email has a fake sender. Of course, there are a lot of ways to prevent it. We can do reputation filters, check if our name is in a botnet, or use the SPF protocol.

SPF stands for Sender policy framework and in a few words, can prevent spoofing by acting as a white-list based on DNS records. You can find formal definitions in Google without any problem.

There are a lot of things that happen during the email-sending process, but I will try to summarize the SPF record presence during this process.

Inside an email header (sent using SMTP), we have the envelope or, what the server sees, which contains the information of the transmission agent: the HELO (SMTP transmission start), FROM (sender), and TO (receiver).

The client/user side sees the LetterHead, which is the email’s header (FROM, TO, and SUBJECT).

The logic inside SPF is that the email server will and must attend to the tags set in the Envelope just to start the SMTP internals and sending process. The email header contains details of the origin and destination servers and a traceroute through the server which the email will go by.

The SPF records are set to prevent some bad actors sends Spam using any domain address as the sender.

Every time a person receives an email, the email server (receiver server) will check for SPFs in the domain DNS records. So, if the check passes, the email will be received, if not, will be considered a spoofed email. But, if the server settings are neutral, can create filter lists just to keep track of legit addresses

The main conclusion is that SPF is required in a good manner. If by means you encounter a bad setting, make sure that legit emails are discarded.