Spam Policy Framework (SPF) it will stop SPAM if used

I don't believe I've seen you here before. You may want to subscribe to my feed to keep informed of new posts at DynamicVB.NetRSS feed. Thanks for stopping by!

I was reading a forum post today in which a forum member was complaining because an unscrupulous spammer was spoofing his domain an using it to send out large amounts of unsolicited email, SPAM. The forum user posted the domain in question so I immediately posted it in the form over at http://www.dnsreport.com , just as I thought the domain did not have a Spam Policy Framework (SPF) record in their Domain Name System ( DNS ) server.

It amazes me how many ISP’s still do not have a policy for requiring a SPF record in the DNS servers for the mail servers they manage mail for. I’m guessing a lot of people do not even understand the purpose of the Spam Policy Framework and why its important in preventing SPAM. Basically SPF is a method for telling other mail servers the authorized mail server for sending mail from a particular domain. It is very easy to implement and only takes one line in the DNS server zone if you are defining the mail servers for one domain.

SPF makes it really easy to define the authorized email servers for your domain. It works like this When someone sends an email message out and the receiving server attempts to do a reverse lookup on the domain then your DNS server replies hey I’m xyz.com and I only send email from my server mail.xyz.com. If you get email from any other server you should really deny it since it did not come from me and its not my mail.

So you can see SPF is an effective method for preventing unauthorized users from spoofing your mail domain and getting your servers listed as a spammer. I would say its in the top three of things you should do on your servers to help stop the proliferation of SPAM through out the world and to stop wasting all the bandwidth these spammers waste everyday. These three things that every email administrator should implement include: 

  • Close Relays – Don’t let other people bounce SPAM through your server. All major email servers allow for the definition of servers that are allowed to relay, but most people just don’t turn it on.
  • Define Reverse Lookups for your mail server—Many people now do this because most mail systems will not accept mail from mail servers without a reverse lookup record. This is a little harder to do, since it requires that the ISP either set it up for you or they must delegate your Internet Protocol ( IP ) scope to your DNS servers. This usually only works for companies when you have a range of IP addresses leased, but your ISP should do this for you if they are managing your email servers. If you are managing your own email servers and Domain Name Servers then you should really have the authority for the range delegated to you.
  • Spam Policy Framework—Implement SPF and tell the world which servers are authorized to send mail form your domain. It’s very easy to implement in the most simple form all it takes is the following line in your zone file:
    First you have you MX record
    Somedomain.com. MX 0 mail.somedomain.com.
    Somedomain.com IN TXT "v=spf1 mx"

Add this second line after your MX record in bind and you are done and your DNS server will send out the allowed email servers for your domain when someone requests it.

I hope that more and more Internet Service Providers will start to require this feature for all domains. I think once it becomes normal and receiving mail domains will stop accepting mail from domains without an SPF defined then you will start to see a reduction in the amount of SPAM on the Internet today.

After all, SPAM is a technical problem and no laws like the CanSpam Act are ever going to stop this problem. The technical infrastructure allowed the problem to start and the technical infrastructure can stop the problem as soon as network administrator’s start implementing every feature at their disposal. Once everyone starts using this then the SPAM filtering companies can deny any mail that does not have a SPF record without having to worry about false positives and that should help a lot. Right now on my domains I put you half way to a being defined as SPAM if you don’t have one of these records. If all the domains that send me mail had SPF implemented then I would give them all a 100% and quarantine the message immediately. Maybe one day I’ll be able to stop SPAM at my doorway.

More

Speak Your Mind

*