Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Sender Policy Framework​

61 views

Published on

A lightning talk given to WordPress Portsmouth about the use and implementation of the Sender Policy Framework

Published in: Internet
  • Be the first to comment

  • Be the first to like this

Sender Policy Framework​

  1. 1. Sender Policy Framework Help Protect Your Inbox From Basic SPAM Wordup Pompey 20th February 2019 Scott McKeown
  2. 2. What is SPF? • An eMail authentication method • An open standard • Simple to enable
  3. 3. Short History Of SPF • 2000 First mention of an SPF idea • 2002 SPF-like specification published • 2003 RMX & DMP specifications merged • 2004 Renamed to ‘Sender Policy Framework’ from ‘Sender Permitted From’ and MARID task group formed • 2005 MARID group collapsed and revert to ‘classic’ SPF idea • 2006 Experimental RFC published for SPF • 2014 RFC-7208 published
  4. 4. How does SPF Work? Write an eMail eMail Server SPF Record Check SPF Fail eMail Server SPF Pass
  5. 5. Where does it go? DNS Zone file as a Text (TXT) Entry.
  6. 6. SPF Record Make Up • Three Sections • Domain or Subdomain • SPF Version • The Mechanisms (Rules)
  7. 7. The Domain or Subdomain SPF Sections
  8. 8. SPF Version SPF Sections
  9. 9. The Mechanisms (Rules) • Prefix • + Pass • - Fail • ~ Softfail • ? Neutral • Can be applied to ANY of the SPF Mechanisms (Rules)
  10. 10. The Mechanisms (Rules) • all • ip4 • ip6 • a • mx • ptr • exists • include
  11. 11. Examples Allow domain's MXes to send mail for the domain, prohibit all others v=spf1 mx –all Allow any IPv6 address between 1080::8:800:0000:0000 and 1080::8:800:FFFF:FFFF v=spf1 ip6:1080::8:800:200C:417A/96 –all The current-domain is used v=spf1 a –all Use External Mail Server v=spf1 mx mx:deferrals.domain.com –all Include Other Domains SPF Rules v=spf1 include:example.com -all
  12. 12. Lets Write Our Domain Rules
  13. 13. Example Of Blocked eMail Feb 20 11:58:04 ms1 postfix/policy-spf[3987]: Policy action=550 Please see http://www.openspf.net/Why?s=helo;id=redithosting.co.uk;ip=5.2.18.104;r=ms1 .redit.co.uk Feb 20 11:58:04 ms1 postfix/smtpd[2236]: NOQUEUE: reject: RCPT from unknown[5.2.18.104]: 550 5.7.1 <yoqiihld@redithosting.co.uk>: Recipient address rejected: Please see http://www.openspf.net/Why?s=helo;id=redithosting.co.uk;ip=5.2.18.104;r=ms1 .redit.co.uk; from=<> to=<yoqiihld@redithosting.co.uk> proto=ESMTP helo=<redithosting.co.uk> Feb 20 12:26:08 ms1 postfix/policy-spf[6230]: Policy action=550 Please see http://www.openspf.net/Why?s=mfrom;id=users@email.address;ip=95.105.89.221; r=ms1.redit.co.uk Feb 20 12:26:08 ms1 postfix/smtpd[2236]: NOQUEUE: reject: RCPT from unknown[95.105.89.221]: 550 5.7.1 <support@redit.co.uk>: Recipient address rejected: Please see http://www.openspf.net/Why?s=mfrom;id= users@email.address;ip=127.0.0.1;r=ms1.redit.co.uk; from=<AndrewMorgan@ufanet.ru> to=<support@redit.co.uk> proto=ESMTP helo=<127.0.0.1.public.ip.address>
  14. 14. References • https://en.wikipedia.org/wiki/Sender_Policy_Framework • http://www.openspf.org/ • https://www.gov.uk/government/publications/email-security- standards/sender-policy-framework-spf • https://tools.ietf.org/html/rfc7208

×