Tuesday, March 13, 2007

Sender Policy Framework

In the war against forged emails we have a new contender that seems promising. The name of the new contender is Sender Policy Framework (SPF). The specification is outlined in RFC 4408.


SPF works like a charm - when configured properly. For my domain helge.net I have added the following TXT record:

helge.net. 3600 IN TXT "v=spf1 mx -all"

By doing this I say that emails from my domain helge.net are only allowed to originate from my incoming mail server (the mx mechanism), and that every other source should fail the check (-all).

Given this information the receiver can check whether a received email is forged or not.
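The receiver-side check described above, as an added example that is not code from the original post or from the SPF project. It evaluates a record such as "v=spf1 mx -all" against the connecting IP, supports only the all, mx, a and ip4 mechanisms (anything else is reported as permerror), and uses a constructed DNS table: the MX host mail.example.net and the 192.0.2.x address are assumptions, not helge.net's real records.

```python
import ipaddress

# Constructed DNS data for offline use; not helge.net's real MX or A records.
DNS = {
    ("helge.net", "TXT"): ["v=spf1 mx -all"],
    ("helge.net", "MX"): ["mail.example.net"],    # hypothetical MX host
    ("mail.example.net", "A"): ["192.0.2.25"],    # RFC 5737 documentation address
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def lookup(name, rtype):
    return DNS.get((name.rstrip(".").lower(), rtype), [])

def mechanism_matches(term, domain, ip):
    """True if the connecting IP matches one SPF mechanism."""
    name, _, arg = term.partition(":")
    name = name.lower()
    if name == "all":
        return True
    if name == "mx":   # addresses of the hosts named in the MX records
        hosts = lookup(arg or domain, "MX")
        return any(ip == ipaddress.ip_address(a) for h in hosts for a in lookup(h, "A"))
    if name == "a":    # addresses of the domain itself
        return any(ip == ipaddress.ip_address(a) for a in lookup(arg or domain, "A"))
    if name == "ip4":  # literal address or CIDR range
        return ip in ipaddress.ip_network(arg, strict=False)
    raise ValueError("unsupported mechanism: " + term)

def check_host(client_ip, domain):
    """Return the SPF result for a connecting IP and the MAIL FROM domain."""
    ip = ipaddress.ip_address(client_ip)
    records = [t for t in lookup(domain, "TXT") if t.lower().split()[:1] == ["v=spf1"]]
    if not records:
        return "none"        # domain publishes no SPF policy
    if len(records) > 1:
        return "permerror"   # more than one SPF record is an error
    for term in records[0].split()[1:]:   # first match wins, left to right
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        try:
            if mechanism_matches(term, domain, ip):
                return QUALIFIERS[qualifier]
        except ValueError:
            return "permerror"
    return "neutral"         # no mechanism matched

if __name__ == "__main__":
    for addr in ("192.0.2.25", "198.51.100.7"):
        print(addr, check_host(addr, "helge.net"))
```

The result "none" for a domain without a TXT record is why the policy only helps once the record is published: a receiver has nothing to check a forged sender against until then.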

Sender address forgery is a threat to users and companies alike, and it even undermines the e-mail medium as a whole because it erodes people's confidence in its reliability. That is why your bank never sends you information about your account by e-mail and keeps making a point of that fact.

For this to work you need to add a TXT record to your domain. At the project homepage you can find out for yourself how to do so.
