SPF stands for "Sender Policy Framework" (formerly also Sender Permitted From) and is a spam protection method used to prevent phishing attacks. In an SPF entry, you specify which mail servers are authorized to send an email for your domain. For this purpose, additional information is stored in the DNS records of your domain in the form of TXT records. These TXT records contain detailed information on the mail servers authorized to send emails.
The receiving mail server can use the SPF record of the sender domain to check whether the email received originates from an authorized mail server or is possibly part of a phishing campaign. In the latter case, the email can be identified via the SPF spam protection and declared as SPAM.
An SPF record is an entry in a domain's DNS that allows an organization to publish the IP addresses of its authorized email servers and domains. This makes it more difficult for cybercriminals to spoof the domain and reduces the likelihood of emails ending up in spam filters. This improves the reputation and deliverability of legitimate emails. If you use email services from a third-party provider (e.g. Google Suite), an SPF record is necessary to ensure that receiving email servers recognize the sender address as authorized. Without an SPF record, the recipient may receive a warning that the email originates from a phishing attacker. Some email servers block such messages or move them to the spam folder so that the recipient may never see them.
Since most recipients rarely check their spam folder, companies may have difficulty communicating with existing and potential customers if their emails end up there. Many major email services already have SPF detection built in, so domain owners should set up an SPF record in their DNS servers to ensure their emails arrive in recipients' inboxes. This is not necessary for private emails with providers such as Google, Hotmail and Yahoo, as these providers already take care of this.
v=spf1 include:spf.europeanmx.eu -all
Each SPF entry must begin with the version number used. The current version starts with "v=spf1".
The following are some expressions that define the SPF entry and are evaluated in the order from front to back. The majority of the expressions are so-called directives. These define the authorization of the sender and consist of an optional qualifier and a so-called mechanism.
| Qualifiers | Result Code | Desciption |
|---|---|---|
| + | Pass | the directive defines authorized transmitter; this is the standard, i.e. if no qualifier is specified, + is assumed |
| - | Fail | the directive defines unauthorized senders |
| ~ | SoftFail | the directive defines unauthorized senders, but the recipient should treat this failure generously; this qualifier is for testing purposes |
| ? | Neutral | the directive defines channels whose legitimacy is not to be stated; The transmitter must be accepted. |
| Mechanism | Directive applies if... |
|---|---|
| all | always |
| a | an A (or AAAA) record of the polled (or explicitly specified) domain contains the IP address of the sender |
| mx | an MX record of the polled (or explicitly specified) domain contains the IP address of the sender |
| ip4 | the specified IPv4 address is the IP address of the sender or the specified IPv4 subnet contains it |
| include | an additional SPF request for the domain specified in the include statement contains the IP address of the sender |
In order to authorize our cloud for sending your messages you need to store the following SPF record in the DNS settings of your domain. Go to the DNS settings of your domain and create a TXT record for it with the following value:
Deutsch
Arabic
Armenian
Bosnian
Bulgarian
Croatian
Czech
Danish
Dutch
Estonian
Finnish
French
Georgian
Greek
Icelandic
Italian
Latvian
Lithuanian
Luxembourgish
Macedonian
Norwegian
Polish
Portuguese
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Turkish
Ukrainian
v=spf1 include:spf.europeanmx.eu -allIf you use other mail servers for sending emails, you can simply add "a:your.mailserver.com" to the value. Simply use our SPF generator to generate a suitable SPF record for your domain.