terena logo
15 June 2006
TERENA Secretariat Adds Sender Policy Framework Support

The TERENA Secretariat recently added SPF (Sender Policy Framework) data to its DNS entry. SMTP, which is currently used for sending email, allows anyone to send email with a forged email address. SPF is used to help identify forged sender addresses that are used by viruses, worms and spam. SMTP servers that support SPF can easily detect forged senders and flag or delete messages from spoofed senders, consequently drastically reducing or completely eliminating worms, viruses and spam that are sent through email on infected machines.

An SPF record describes which mail servers are allowed to send email for a particular domain name. SPF records are simply a string of text published in a DNS TXT record. When an email is sent to an SPF enabled mail server, it checks the SPF record to make sure that the email is coming from one of the mail servers that is authorized to send email for the particular domain.

Thousands of email providers and companies including Hotmail, AOL, Microsoft, and Google have begun publishing SPF records and have built SPF support in their spam filters.

Dick Visser, TERENA Secretariat Systems Administrator, said: “I feel this solution has great potential to stop the forgery of email and reduce spam and the propagation of viruses.”

SPF is an experimental protocol, as described  in RFC4408. Further information about how to join the SPF experiment can be found at the OpenSPF website.