Published February 3rd, 2004 by Jim O'Halloran
Sender Permitted From (SPF)
After the Spam FixIt at LCA the other week I had this neat idea (which I didn’t get around to writing about) about using something like a reverse MX record to identifiy authorised mail servers for a given domain. As it turns out, theres already a proposal documented for doing exactly that, called SMTP Sender Permitted From (SPF).
What’s the idea here?
Domains already publish MX records to tell the world what machines receive mail for the domain.
Domains can also publish “reverse MX” records to tell the world what machines send mail from the domain.
The world can check those records to make sure mail isn’t spoofed.
With SPF, those “reverse MX” records are easy to publish: one line in DNS is all it takes.