Difference between revisions of "SPF"
(→Links) |
|||
| Line 23: | Line 23: | ||
* {{wikipedia|Sender Policy Framework}} | * {{wikipedia|Sender Policy Framework}} | ||
* [https://www.rfc-editor.org/rfc/rfc7208.html RFC 7208] ([https://datatracker.ietf.org/doc/draft-ietf-spfbis-4408bis/21/ status]) | * [https://www.rfc-editor.org/rfc/rfc7208.html RFC 7208] ([https://datatracker.ietf.org/doc/draft-ietf-spfbis-4408bis/21/ status]) | ||
| + | * [https://dmarcadvisor.com/spf-syntax-table/ SPF Record Syntax] | ||
Revision as of 14:04, 19 August 2022
|
SPF: Sender Policy Framework
|
About
SPF (Sender Policy Framework) is an anti-spam protocol in which a DNS record specifies what IP addresses are allowed to send messages with a "from" address coming from that domain. The IP addresses may be specified literally (numerically, using CIDR address-range syntax) or as domain-names. SPF is defined in RFC 7208 (status).
DNS Configuration
Discussion of the DNS record format is in Section 3. SPF uses TXT records; there must be only one SPF record per domain or subdomain. A record's contents must start with "v=spf1" in order to be recognized as an SPF record.
The remainder of the contents consists of a set of terms, formatted according to these nearly-indecipherable rules:
terms = *( 1*SP ( directive / modifier ) )
directive = [ qualifier ] mechanism qualifier = "+" / "-" / "?" / "~" mechanism = ( all / include / a / mx / ptr / ip4 / ip6 / exists ) modifier = redirect / explanation / unknown-modifier unknown-modifier = name "=" macro-string ; where name is not any known modifier
name = ALPHA *( ALPHA / DIGIT / "-" / "_" / "." )
This seems to translate to "one or more terms, where each term starts with either {a qualifier followed by a directive (which is a qualifier plus a mechanism)} or a modifier, and multiple terms are separated by spaces".
Tentatively, it's best to think of "modifiers" as a small set of additional directives. It's noted in that they're intended to allow for future expansion