Last Updated: February 25, 2016
·
7.645K
· kerrick

Need an SPF Record? Microsoft has a great tool for that.

SPF records help prevent people from spoofing your domain name in their spam email campaigns. I recently learned about this problem when I started getting bounced emails with original headers like the following:

Return-Path: <Madeleine4CE66@kerricklong.com>
Received: from 90.148.13.148.dynamic.saudi.net.sa ([90.148.13.148]) by mx.google.com with ESMTP id fs12si28469498bkc.40.2012.07.07.11.25.18; Sat, 07 Jul 2012 11:25:19 -0700 (PDT)
Received-SPF: neutral (google.com: 90.148.13.148 is neither permitted nor denied by best guess record for domain of Madeleine4CE66@kerricklong.com) client-ip=90.148.13.148;
Authentication-Results: mx.google.com; spf=neutral (google.com: 90.148.13.148 is neither permitted nor denied by best guess record for domain of Madeleine4CE66@kerricklong.com) smtp.mail=Madeleine4CE66@kerricklong.com
To: "info" <info@litron.com>
Subject: Newsletter
From: "Henry" <Madeleine4CE66@kerricklong.com>
Date: Sat, 07 Jul 2012 21:25:16 +0300
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: IPS PHP Mailer

Somebody in Saudi Arabia has been spamming people, with their emails claiming to be from my domain name! That's simply not acceptable.

To fix this, I have set up SPF records for each and every domain name I have an MX record for. Microsoft's great SPF generator made it easier to create them, too. If you've got a domain name you use for email, set up an SPF record for it!

For the record, this is what my SPF records look like, with an allowance for MailChimp to send email as me:

kerricklong.com.    IN TXT   "v=spf1 mx:kerricklong.com include:servers.mcsv.net ~all"

1 Response
Add your response

While they are very similar, Microsoft's Sender ID is not the same as SPF. See here: http://www.openspf.org/SPF_vs_Sender_ID

over 1 year ago ·