6.9.1 ORF Online Help
Select your ORF version:

Table of Contents

SPF Test


This help section describes the SPF test and the related settings available under the AuthenticationSPF Test page in the navigation.

General Information

Sender Policy Framework (SPF) is an email authentication protocol which allows domain owners to publish a policy to stop email forgery in the name of the domain. In short, the policy defines which IP addresses are authorized to send emails in the name of the publisher domain. The policy is published as a DNS record on the DNS server authoritative for the domain, so it can be checked via a simple DNS query.

Settings

Click the Settings button to configure the SPF test feature of ORF. More information is available in the SPF Settings section.

Notes

IMPORTANT: Intermediate Host List

Because ORF validates the email origin IP address, it is crucial to configure ORF to check the right IP address.

Enabling the SPF test with incorrect Intermediate Host List settings will cause false positives.

The Intermediate Host List tells ORF which hosts may receive the email before ORF gets them. ORF tracks the original host IP address back based on this information. If the Intermediate Host List contents are incomplete or incorrect, the intermediate relayer's IP address will be checked against the SPF policy of the sender domain, which will eventually result in email blacklisting (as the relaying host is doubtfully listed as an authorized sender).

Where to find more information about SPF

Visit the SPF website at http://www.open-spf.org/.

Publishing an SPF policy

Please visit the SPF website to learn more about publishing an SPF policy for your domain. We also offer an SPF Syntax Validator and an SPF Checker on our website for testing your policy.

Implemented SPF version

ORF implements RFC7208, published in April 2014, and its updates (RFC7372, RFC8553, RFC8616).

Verification results are recorded in the Authentication-Results header as specified in RFC8601.

The optional Received-SPF header is not appended by ORF to emails. ORF also does not do HELO-first checking, which is an optional feature of the standard.

Copyright © Vamsoft Ltd. 2024. All rights reserved. Document ID adm-spf, version 5.