What is SPF?

The actual definition of SMTP mail protocol allows explicitly for any entity to identify itself with any domain in both the HELO/EHLO and MAIL commands, it also allows any entity to identify itself with any mailbox in the From Header as long the syntax of RFC 2821 and 2822 is respected. This gives an attacker an opportunity to send mail pretending to be someone else, injecting thousands and even millions of unwanted mail into a normal mail flow. To minimize this risk and to make sure that the MTA server sending the mail is actually authorized to use the that domain, a new protocol was generated called Sender Policy Framework (SPF) which is one of the many tools that exist to fight against mail usage abuse. Continue reading