Look Up Another Term

Definition: SPF


(1) (Stateful Packet Firewall) See stateful inspection.

(2) (Sender Policy Framework) An email authentication system that verifies that the message came from an authorized mail server. SPF is designed to detect messages from spammers and phishers who falsify the sender's IP address in the email header. SPF is an extension to the SMTP mail protocol.

SPF Records
The DNS system identifies the IP address of a receiving mail server with a line of text in the DNS database known as an MX record. DNS also supports a "reverse MX" record, which identifies the sending mail server and is used by SPF. When an email message is received, the mail server checks the SPF record in the DNS to see if it matches the actual IP address of the message. If it does, the email is considered valid. For more information, visit www.spf.pobox.com.

SPF Classic and PRA
There are two approaches to checking email messages via SPF. SPF Classic systems check only the envelope header, while Microsoft's Purported Responsible Address (PRA) method looks at the headers within the message. See Sender ID, Joe Job, spam, phishing, throwaway domain and SMTP.