Sender Policy Framework (SPF) is an email validation system designed to detect and block forged or spoofed emails. This is done by verifying the sender’s email server before delivering all legitimate email to a recipient’s inbox.
SPF allows an agency to specify which servers are allowed to send emails for their domain and makes this information available for recipients to check.
This is achieved when the network owner creates an SPF entry in the Domain Name System (DNS) record for their domain. The SPF entry will contain a list of domains or valid IP addresses authorized to send emails for their domain. When an email is sent to a network with SPF checking enabled, the recipient email server validates the sender’s domain against the published SPF record. That is, it confirms that the IP address
of the sending server is on the allowed list for the domain; if it does not match, SPF verification will fail. The network owner can decide whether to block, quarantine or tag emails as suspicious after failing SPF verification.