Do you ever think about email security?
I suppose it depends where you are in the internet chain.
As the email marketer, your concerns are normally focused on deliverability, ROI, content, opens, and so forth. Most likely you leave email security to your employer, your IT department and your email hosting provider. Those entities share a security concern with a bigger community of companies and organizations, including the email abuse groups, the blacklist monitors and ISPs both big and small. Why? Because regardless of who you are and how you get online, when you're on the Internet, security, or a lack of email security, affects you one way or another.
- On a daily basis, we usually receive unwanted, annoying messages, known as SPAM, that fill our inbox and Junk folder.
- Do you find yourself tempted by messages from the King of some Country willing to share their wealth?
- We are educated to know that clicking on a link included in an email, even from someone we may know, can infect our computer with Malware (adware, zero days, viruses, trojans, etc.)... By the way, do you know you still owe the IRS $150?
However, there are a few tools available for email security that will stop exploits and fraudulent emails. Fraud can be lessened by using SPF (Sender Policy Framework).
SPF is an older protocol to authenticate email, designed to stop forged emails, but not designed to stop SPAM. It's all about stopping a potential forger from sending emails on your behalf. It identifies a domain (the last part of an email address, like gmail.com) as a legitimate mail source from the sender and blocks unauthorized domains from getting through.
SPF is all about communication with the correct servers. All this is accomplished with the magic of DNS, also known as the Domain Name System. The DNS of a website takes the IP (Internet Protocol) address of a domain and converts it into a human-readable domain name. For example, the IP address 126.96.36.199, which belongs to Frontier Communications, can be found by typing frontier.com in any search bar instead of 188.8.131.52. (IP number mapping to actual domain name translation was discovered in the 1980s.)
Don't you agree it's a lot easier to remember amazon.com than the IP address 184.108.40.206? IP number mapping to domain names allows all of us to easily type in any domain name in any web browser.
Now that you know something about DNS, on to SPF: it's a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain.
How does SPF work, you may ask? Well, for instance, today you email Pete. Your email, once received, is verified and placed in Pete's email inbox. How does Pete's ISP know that the email you sent is really from you? In reality, there's no way to tell it's really from you unless there is SPF set up on the DNS servers.
SPF protocols identify the IP addresses that are allowed to be used to send your emails from your domain.
So, with SPF in place: your email is sent to Pete's mail server. Pete's mail server, not knowing who you are, looks for an SPF record from your domain. The SPF record shows the receiving email server (Pete's) the entire list of IPs that can be used on your behalf. Once it is verified that your message was sent from one of the IP addresses listed on the SPF record, your message is delivered to Pete.
What happens if SPF is not set up? When you email Pete, again Pete's mail server, not knowing who you are, looks for an SPF record from your domain. This time it doesn't find one. Pete's mail servers essentially say, "I can't verify who you really are," and without an SPF record your email is denied. (Even if a message fails SPF, there's no guarantee it won't be delivered. That final decision about delivery is up to the receiving ISP.)
SPF flow Chart
Now that you know the general gist of SPF, here is the best example I can give you as a marketer: as a customer of the Dundee.net list hosting service, our IP addresses should be included in your SPF record.
To recap, SPF is simply a way to authenticate incoming email. The protocol allows the owner of the sending domain to stipulate which mail servers they use to send mail.
- SPF is not a SPAM filter. It does not protect mail servers from being attacked.
- SPF only works on the first email; in other words, a message that is forwarded does not include the initial SPF authentication, as it's broken from that point.
- SPF helps with email delivery; it doesn't guarantee that a sender without SPF will be blocked by the receiving mail server.
- SPF records should be kept up to date, as changes to services happen.
- SPF along with DKIM are protocols
- SPF is not required by all mail services to receive mail.
SPF is just one of the principal methods of email authentication used as a defensive measure against phishing and spoofed email.
In conclusion, from Wikipedia: “If a domain publishes an SPF record, spammers and phishers are less likely to forge emails pretending to be from that domain, because the forged emails are more likely to be caught in spam filters which check the SPF record. Therefore, an SPF-protected domain is less attractive to spammers and phishers. Because an SPF-protected domain is less attractive as a spoofed address, it is less likely to be blacklisted by spam filters and so ultimately the legitimate email from the domain is more likely to get through.”