SPF, or Sender Policy Framework, is a method to validate that an email may be sent from a specific domain.
What is the SPF?
In order to prevent threats such as identity theft, an IT administrator might decide to use the Sender Policy Framework, or SPF. The SPF is a solution checking the IP addresses that are authorized to send emails from a
specific domain.
The company Tricstor does not use the SPF for its domain. One day, an employee receives an email for someone they believe is the CEO of Tricstor asking for bank details. The email came indeed from the following address: ceo@tricstor.com. However, a hacker sent this email pretending to be the CEO because they wanted to steal sensible data. An SPF would have prevented such a huge threat to the company.
What does an SPF look like?
An SPF is part of your DNS record as a TXT record and identifies authorized SMTP servers for your domain.
It looks like this:
TXT @ "v=spf1 include:spf.cloud.vadesecure.com -all"
TXT: The DNS zone record type.
@: The placeholder used to represent the current domain.
v=spf1: Identification of the TXT record as an SPF record.
include: Authorization of mails to be sent on behalf of the domain from vadesecure.cloud
-all: This list is restrictive, and no other servers are allowed to send e-mail.
How to add an SPF record to my domain host
You need to add an SPF record to your domain host in order to be protected against threats such as identity theft.
1. Sign in to your domain account at your domain host.
2. Go to you page DNS management page to update the DNS records of your domain.
3. Create a TXT record using these values:
a. Name/Host/Alias: Enter @ or leave blank.
b. Time to Live (TTL): Enter 3600 or leave the default.
c. Value/Answer/Destination: Enter v=spf1 include:spf.cloud.vadesecure.com -all
4. Save the record.
Your new SPF record takes effect within 48 hours.
The SPF by Vade Secure
You will use different SPFs depending on your Vade Secure product.
Product | SPF | Explanation |
Vade Secure Cloud | include:spf.cloud.vadesecure.com | The SPF that will validate the sending IPs if you use smtp.cloud.vadesecure.com as the sending connector. |
Vade Secure for Microsoft 365 | SPF of Microsoft | The SPF offered and managed by Microsoft. |
Vade Secure Gateway | Your SPF | The output IPs, and also the SPF, are yours. |