The Sender Policy Framework (SPF) is an email verification DNS tool that prevents email spam. It validates senders' IP addresses to counteract email forging. Mail administrators can create text file SPF records to restrict the servers allowed to send email from a particular domain. Mail servers and other internet ISPs use the DNS to verify that mail from a given domain is being actually sent by a host designated by that domain's admins/host.
Actually the basic working of the SMTP service from the mail server is to allow any computer to send email claiming to be from a specific source address. This loophole is often exploited by spammers who often use valid email addresses, making it more complicated to trace a message back to its real sender and very simple for spammers to hide their real identity. This loophole is also used in phishing/spamming, where users can be forced into disclosing their private information in reply to a forged email purportedly sent by an organization such as a bank.
Here comes the role of the SPF. The SPF allows the owner of a domain to specify which computers are authorized to send mail with sender addresses in that domain, using special DNS records. ISPs and recipient mail servers can bar messages from going through after checking the SPF records.
Go to http://www.openspf.org and generate a SPF record string which you'll use later in the actual record.
NOTE: a) You will want to have the main IP of the web server -- if you
are not using a dedicated IP you do not have to worry about this
On our shared H-Sphere control panel, you can create SPF records yourself by using the steps below:-
1. Login to the H-sphere control panel.
2. Select the Domain Info in the Domain Settings menu. If there are multiple domains, click on each respective domain.
3. On the page that appears, click the Edit icon in the DNS Configuration field.
4. This link will take you to the DNS Configuration page.
5. On this page you can see several blocks of DNS records. There should be an already created default TXT record.
6. First you need to delete the default TXT record by clicking on the delete box icon that appears against the default TXT record field.
7. Then you need to click on "Add DNS TXT Record" and then add the custom TXT record as below in the Data Section
v=spf1 a mx ptr:mysite.biz -all
and then click on Submit button. (If above record is already created then no need to delete that and add again.)
8) As this is a DNS change, you have to wait for 24-48 hrs.
Explanation :
v=spf1 a mx ptr:mysite.biz -all (for your own site mysite.biz)
v=spf1 a mx ptr:mx1.cologlobal.com -all (for cluster cologlobal.com)
a) v=spf1 denotes SPF records are being created
b) "a" Must work for A record (web server record)
c) "mx" Must work for MX record (mail server record)
d) The "-all" at the end specifies that if the previous mechanisms did not match, the message should be rejected.
e) ptr:mx1.cologlobal.com denotes that emails must come from mx1.cologlobal.com which is one of our two email clusters, if you are using anti-spam (SpamExpert) services but you need to make sure that you include your server IP by pinging your site and getting the IP of your site from there.