Learn thekey differences between SPF, DKIM, and DMARC.
A DNS is a directory that stores the names of different names against their IP addresses.
However, the functionality of the DNS does not end here.
Other information stored on a DNS is also useful, such as theMX record, or theDNS TXT record.
Therefore, an SPF record becomes a DNS TXT record.
The SPF record stores the information for the servers that are allowed to send emails to it.
SPF record lookup
I, thinking that they are a legitimate user, might even provide them with the information requested.
However, it gets complicated when you learn how SPF checks the incoming email for the senders information.
Here, I have explained both information as simply as possible.
Enter domain name
The Gmail server would then either reject the email or send it to my colleagues spam folder.
This depends on how the SPF policy is configured.
We shall discuss that below.
Enter the SPF record details
But before that, we shall clear up how SPF checks the sender information from an incoming email.
This is theFROMfield that the user sees, known as theFROM HEADER.
However, it is not the information that the SMTP protocol uses to route the email.
Instead, it uses a completely differentMAIL FROMhidden inside the envelope.
The carrier (servers) uses the address on the envelope to deliver the letter.
Note that thisMAIL FROMmight be entirely different from theFROM HEADER.
ThisMail Formis also referred to asEnvelope From,Return To, orBounce Address.
It is the same information the mail servers use to send bounce notifications when an email is not delivered.
The example above is how you define an SPF policy in a DNS TXT record.
It has different parts and each serves a different purpose.
The all mechanism is meant to be the last one, and no mechanisms after it are considered.
Moreover, some mechanisms have aqualifier, which are the symbols (+, -, ~, ?
If no qualifier is defined, the default value resorts to +.
That said, you will always find a qualifier next to the all mechanism in DNS SPF records.
This is because it defines how to handle the servers that are not mentioned in the SPF record.
You may also observe that certain mechanisms may even exist if they are not defined in the SPF record.
However, the same logic and syntax apply.
Log into the DNS server as an administrator.
Click Add Record and then click Add TXT Record.Add a new TXT record
type your domain name.
you’ve got the option to optionally include the +a +mx mechanisms.
Moreover, you’re free to adjust the qualifier for the all mechanism as well.
When done, clickSave Record.
After performing the steps above, wait a while so the new DNS records can propagate across the internet.
This can take anywhere between a few minutes to a day.
This is where DMARC comes in.
DMARC is responsible for handling the emails based on the SPF and DKIM results.
This has been discussed further in the article dedicated to DMARC.
0
Get weekly insights, tips and exclusive content delivered straight to your inbox.
Talk to us straight and get your questions answered right away
source: www.itechtics.com
