ǞǞǞ Sender Policy Framework (SPF), is a technical standard and 电子邮件认证 technique that helps protect email senders and recipients from spam, spoofing, and phishing.
准备好一睹Bird 的风采了吗?
了解SPF
The Sender Policy Framework (SPF), is a technical standard and email authentication technique that helps protect email senders and recipients from spam, spoofing, and phishing.
具体而言,它定义了一种验证电子邮件是否由授权邮件服务器发送的方法,以检测伪造邮件并防止垃圾邮件。由于SMTP本身不包含任何验证机制,因此它被设计用来补充用于发送电子邮件的基本协议SMTP。
SPF如何发挥作用?
SPF establishes a method for receiving mail servers to verify that incoming email from a domain was sent from a host authorized by that domain’s administrators. It piggybacks on the well-established Domain Name System (DNS). In general terms, the process works like this:
一个域名管理员发布了定义邮件服务器的策略,这些服务器被授权从该域名发送电子邮件。这个策略被称为SPF记录,它被列为该域的整个DNS记录的一部分。
当一个入站的邮件服务器收到一封传入的邮件时,它在DNS中查找反弹(Return-Path)域的规则。然后,入站服务器将邮件发件人的IP地址与SPF记录中定义的授权IP地址相比较。
然后,接收邮件的服务器使用发送域的SPF记录中指定的规则来决定是否接受、拒绝或以其他方式标记该邮件。
什么是SPF记录?
SPF记录包含在企业的DNS数据库中。SPF记录是标准DNS TXT记录的特殊格式版本。SPF记录看起来像这样
mydomain.com TXT "v=spf1 include:myauthorizeddomain.com include:sparkpostmail.com ~all”
Reading left-to-right in plain 英语, this record is saying that any email that claims to be from “mydomain.com” should be validated with SPF (that’s the “v=spf1” prefix 到 record). It then specifies that the SPF records for “myauthorizeddomain.com” and “sparkpostmail.com” also should be included when validating email from mydomain.com (those are the parts labeled “include:”). In practical terms, that usually is done to indicate that the other domains authorized to send email on its behalf. Finally, the record concludes by stating that any other servers claiming to send mail should be flagged as questionable, and possibly failing, the SPF test (“~all”).
SPF记录可能比这个例子更复杂,但基本机制保持不变。
SPF与DKIM、DMARC或其他标准有什么关系?
SPF、DKIM和DMARC都是支持电子邮件验证不同方面的标准。它们解决的是互补问题。
SPF允许发件人定义允许哪些IP地址为特定域发送邮件。
DKIM provides an encryption key and digital signature that verifies that an email message was not faked or altered.
DMARC unifies the SPF and DKIM authentication mechanisms into a common framework and allows domain owners to declare how they would like email from that domain to be handled if it fails an authorization test.
我需要防晒霜吗?
If you are a business sending commercial or transactional email, you definitely need to implement one or more forms of email authentication to verify that an email is actually from you or your business. Properly configuring email authentication standards like SPF is one of the most important steps you can take to improve your deliverability. However, SPF by itself only goes so far; SparkPost and other email experts recommend also implementing DKIM and DMARC to define a more complete email authentication policy.
SparkPost支持SPF吗?
Yes. SparkPost implements and adheres to email authentication standards including SPF. In fact, SparkPost handles the SPF part of that automatically, so all email from your account is already SPF-compliant.
如何验证我的SPF设置?
了解更多有关SPF最佳实践的信息
Learn more about SPF with these resources from SparkPost’s email experts and elsewhere on the web.
发件人策略框架 (SPF) 项目概述. The group that developed the SPF standard has published detailed explanations, how-to’s, and news about SPF.
RFC 7208. This document published by the Internet Engineering Taskforce (IETF) formally defines the SPF technical standard.
SPF认证。概述和最佳做法. Practical, hands-on advice for implementing SPF from our email deliverability experts.
了解SPF and DKIM In Sixth Grade 英语. An easy-to-understand explanation of how SPF and DKIM work together to ensure email is authenticated.