SPF Records

Email forgery occurs all the time. Email forgery (also known as email spoofing) is when a user receives email that looks like it originated from one source when it was actually sent from another. One way to help prevent email forgery is to use SPF (Sender Policy Framework) records.

An SPF record works as follows: the sender or owner of the domain creates a DNS TXT record in a specific format, which specifies where mail for the domain is authorized to be sent from. The recipient of the email then looks up the sender’s domain to verify whether the message is authorized to be sent from that location, and then takes an action based on the qualifiers in the SPF record and on how the recipient’s email system is set up to handle SPF records. For this system to work, the sender must be using SPF records and the receiver must be checking SPF records.

When mail is forwarded from one server to another, the SPF record is not usable unless the forwarding mail server uses the Sender Rewriting Scheme (SRS). SRS works by reformatting the original sender’s address into a new address that uses the forwarder’s own domain. At the next destination, the forwarder’s domain is the one subject to the SPF check.

The SPF system isn’t perfect, because most of the email systems on the Internet do not adhere to SPF records and SRS. Also, servers can get hacked, and users with open-relay systems can spoof users within the same domain and spoof domains on the same mail system.

There are many online tools and wizards to help an email administrator create SPF records. One popular one is at http://www.openspf.org/Tools