NetworkClue.com
NetworkClue Home PageHome Contact UsContact ConsultingConsult
Bulletin Board
Internet Services covers Secrets to hosting websites, Hosting your own web server, and using DNS Servers.Operating Systems leads you through the decision of Linux vs. Windows, ideal installations and setups to create an efficient and redundant environment for your business, and great features to make management easier.Routing & Firewalls contains articles that will allow you to take control of your router. Learn how to protect your company with access lists and advanced firewall techniques.Hardware answers the common questions about Switches vs. Hubs, recommends SysAdmin Tools, and recommendations for adequate power protection.Utilities will cover fighting spam, using Anti-Virus programs effectively and the must haves for every administrator's software toolbox.

DNS
HTTP
SMTP
-Manually Test SMTP
-Server-side Spam Filtering
-Sendmail
Connectivity
Search
Amazon Search

Bulletin Board

SPF and Sender-ID

By Joshua Erdman
Digital Foundation, inc.

Basics

These methods of spam filtering are almost the same.  They both check the FROM field in messages against the sending server and a DNS TXT entry.  The difference is SPF looks at the FROM field specified in the SMTP protocol while Sender-ID inspects the FROM field in the MIME data.

Step-by-Step

  1. Your mail server receives a request to be given mail from another SMTP server on the Internet.
  2. Provided that the delivering mail server is not blacklisted your mail server will allow the connection and begin receiving the message.
  3. After the message is received, the filter will perform a DNS lookup on the domain specified in the FROM field looking for a specially formed TXT record.  This record contains a list of mail servers that have permission to send e-mails for that domain.
  4. If the the delivering mail server is listed in the DNS TXT record, the message is delivered.  If the server is not listed, the message is considered spam.  If a DNS TXT record is not available this filter does not apply and hopefully additional spam filters exist to inspect the message.

Where DNS Fall in

It is estimated at least 30% of SMTP servers already have the correct SPF TXT records in their DNS.  These records merely specify which mail server are authoritative to send mail.  You are not required by any means to create a TXT record for your domain, but you do gain something by creating one.  Listing a TXT record for SPF/Sender-ID for your domain will guarantee that messages from your mail server are legit (only from the listed allowed servers and not spoofed) therefore not subject to other spam filtering.

SPF/Sender-ID DNS TXT Record

Setting up these records are new to most people, even for DNS administrators.  It can be even more difficult if you have your DNS hosted by a third party.  Vendors like Register.com and Network Solutions have yet to support a TXT entry.

If you are lucky enough to work with a vendor that allows TXT records here is how the record should look:

v=spf1 mx a:mail.domain.com a:smtp1.domain.com
a:smtp2.domain.com  ~all

This of course should be all in one line.

To see if your Domain Registrar supports the SPF TXT DNS records visit: http://www.kitterman.com/spf/txt.html

Side Effects

The only side effects I have noticed by creating an SPF record is forwarding.  A forwarded messages still keeps the sender's from address, most likely the forwarding server is not authoritative for the sender's domain.

References:
Configuring your 2003 Exchange Server for Spam Filtering

Configuring your Sendmail Server for Spam Filtering

RBL - Realtime Blacklist Filtering

http://www.kitterman.com/spf/txt.html
 - list of Registrars that support SPF

Article last reviewed: 01/13/2007

Created by: Digital Foundation, inc.

Copyright © 2002-2005 Digital Foundation, inc. www.networkclue.com

All content of the NetworkClue website is copyrighted. Articles, notes, outlines, and all other materials may not be stored on the Internet or sold or placed by themselves or with other material in any electronic or printed format in whole or part. However materials may be referenced by links to the site.

 

Related Articles:
SMTP Manual TestSMTP Manual Testing
Server Side Spam FilteringServer-Side Spam Filtering
RBL - Realtime Black ListsRealtime Black Lists
Spam Filtering for Exchange 2003Spam Filtering for Exchange
Spam Filtering for SendmailSpam Filtering for Sendmail