

Understanding various parts of an SPF record

The value of every SPF record starts with v=spf1, which indicates that it is an SPF (version 1) record.

The next section defines the authorized IP addresses (or IP address block) and domain names. The multiple values are separated by a single white space. For example, if you're using Microsoft 365 for business emails and MailChimp for sending transactional emails from a website, you could use multiple include mechanisms. Your SPF record will look like this:

v=spf1 include: include: -all

The last part of the SPF record is the enforcement policy, which could have either of the following values:

?all: Use this at the end to set the SPF policy to neutral, which means the SPF record doesn't explicitly state that the IP address is authorized or not.

~all: Use this at the end to indicate that all other servers, except those specified, are not authorized. The email messages are marked with soft-fail in the envelope but are likely to be accepted by the recipient server. This is a temporary setting that is recommended during a transitioning period, such as during an email migration process.

-all: Use this at the end to indicate that all other servers are not authorized. The email messages are marked with hard-fail in the envelope and are likely to be rejected by the recipient server (depending on the policy). This is a recommended setting for production domains.

+all: Use this at the end to indicate that all other servers are also authorized to send emails on the domain's behalf. This setting makes the SPF record useless and should never be used.

The following table shows the SPF records of some popular email service providers:

Email Provider
V=spf1 include: ~all

Before copying and pasting these SPF values, check the official documentation of the respective email service provider to make sure it is up to date.

Now that you understand all the parts of the SPF record, let's understand how it works in the real world with an example:

v=spf1 ip4:192.167.0.0/30 include:_ include: -all

This SPF record authorizes all the servers having IP addresses 192.167.0.1-192.167.0.2, Google servers, and Mailchimp servers to send emails on your domain's behalf. All other servers except these are explicitly stated as unauthorized (due to -all).

Let's say the Gmail server receives a forged email message that claims to be sent from your domain.
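How a receiving server could evaluate such a record against the connecting IP address, as an added example that is not code from the original page. The domain names, the include targets and the two provider ranges are constructed placeholders, and the evaluator covers only the ip4, include and all terms discussed here.

```python
import ipaddress

# Constructed stand-in for DNS TXT lookups. All domains and the two provider
# ranges are placeholders, not any real provider's published SPF data.
SAMPLE_DNS = {
    "yourdomain.example": "v=spf1 ip4:192.167.0.0/30 "
        "include:_spf.provider-a.example include:spf.provider-b.example -all",
    "_spf.provider-a.example": "v=spf1 ip4:198.51.100.0/24 ~all",
    "spf.provider-b.example": "v=spf1 ip4:203.0.113.16/28 -all",
}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(ip, domain, dns=SAMPLE_DNS, depth=0):
    """SPF result for `ip` sending as `domain`; handles ip4, include, all only."""
    if depth > 10:  # stop include loops between records
        return "permerror"
    record = dns.get(domain)
    terms = record.split() if record else []
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # no SPF record published for this domain
    addr = ipaddress.ip_address(ip)
    for term in terms[1:]:  # terms are evaluated left to right, first match wins
        qualifier = "+"  # a mechanism without a prefix means pass
        if term[0] in RESULTS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            matched = True
        elif name == "ip4":  # CIDR prefix match on the connecting address
            net = ipaddress.ip_network(arg, strict=False)
            matched = addr.version == 4 and addr in net
        elif name == "include":
            inner = check_spf(ip, arg, dns, depth + 1)
            if inner in ("none", "permerror"):
                return "permerror"
            # Only an inner pass matches; the included record's own
            # -all or ~all never decides the outer result.
            matched = inner == "pass"
        else:
            return "permerror"  # term outside this example's scope
        if matched:
            return RESULTS[qualifier]
    return "neutral"  # nothing matched and the record has no "all" term
```

A forged message arriving from an address outside every listed range falls through both includes and reaches the final -all, so the result is fail; with ~all in its place the same message would only soft-fail.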
