Setting up a mail server is not as simple as installing some software and clicking go. There are many steps to maintain privacy and eliminate spam. One required step, taken on behalf of your recipients, is to configure a Sender Policy Framework (SPF) record. This article answers three questions: what does it do, where does it go, and how can I make sure it’s correct?
What does it do?
An SPF record is a way of validating that whoever is sending an email is a legitimate person. The record contains a reverse DNS lookup with the IP of the server pointing to the domain name that is sending the email. When visiting a website, you enter www.example.com, and behind the scenes your browser does a forward DNS lookup to find that example.com is mapped to the IP 10.10.0.1. The SPF record makes sure that any emails coming from admin@example.com originate from the same IP (10.10.0.1). If not, the mail receiver can assume the email is spam or a phishing attempt.
Where does it go?
The SPF record is part of the DNS Zone file. It is entered as a specifically formatted TXT record. Domain providers such as GoDaddy allow you to control your DNS Zone file and make these entries yourself.
Create a new TXT record. It should look similar to:
v=spf1 mx a ip4:10.10.0.1/32 ~all
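How a receiving server reads that record, as an added example (not part of the original article): terms are tried left to right against the connecting IP and the first match decides the result, so `~all` only applies to senders that none of `mx`, `a` or `ip4` authorized. The DNS answers, the host mail.example.com and the address 10.10.0.2 are constructed for the example, and the sketch only handles `all`, `ip4`, `ip6`, `a` and `mx` without prefix-length suffixes.

```python
import ipaddress

RECORD = "v=spf1 mx a ip4:10.10.0.1/32 ~all"  # the record from this article

# Constructed DNS answers standing in for live lookups (assumption).
DNS = {
    ("example.com", "A"): ["10.10.0.1"],
    ("example.com", "MX"): ["mail.example.com"],
    ("mail.example.com", "A"): ["10.10.0.2"],
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def authorized_ips(mechanism, domain):
    """Addresses an 'a' or 'mx' mechanism authorizes for domain."""
    if mechanism == "a":
        names = [domain]
    else:
        names = DNS.get((domain, "MX"), [])
    return [ipaddress.ip_address(a) for n in names for a in DNS.get((n, "A"), [])]


def check_spf(record, sender_ip, domain):
    """Evaluate terms left to right; the first matching mechanism decides."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # not an SPF record
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qualifier = "+"  # a mechanism without a qualifier means pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        try:
            if name == "all":
                matched = True
            elif name in ("ip4", "ip6"):
                matched = ip in ipaddress.ip_network(arg, strict=False)
            elif name in ("a", "mx"):
                matched = ip in authorized_ips(name, arg or domain)
            else:
                return "permerror"  # term this sketch does not implement
        except ValueError:
            return "permerror"  # malformed address or prefix
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"  # nothing matched and the record has no 'all'
```

With `~all` an unlisted sender gets softfail, which most receivers accept but mark as suspicious; `-all` turns the same case into a hard fail.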
How can I make sure it’s correct?
Once the record is created, it takes time to propagate throughout the DNS servers, but it should be ready within 48 hours. Because of this long delay, I wanted to make sure I got it right the first time. Some tools I found to be very helpful are listed below.
For creating the SPF record with all the correct options, try:
Once the record has been created, you can do a reverse DNS validation using these tools:
http://www.digwebinterface.com/
http://www.dnsstuff.com/tools
We hope this information is useful in setting up your own mail server. If you have any questions or comments on steps you have taken to configure a mail server, please leave them below.