Solved

SPF - Best Practice

Posted on 2013-05-12
9
481 Views
Last Modified: 2013-05-16
Hi Guys,

We are trying to setup SPF for a number of clients, but we're not 100% sure what we need to configure to only accept the senders email.

I understand that SPF is a service that blocks spam/spoof emails from senders who pretend they are someone else.

What is the best practice or recommended approach in setting up SPF? Is it best to setup to include mx, ptr, ip, a etc? Or is there another way?

We want to setup so it doesnt disrupt or hinder in any way shape or form between companies.

Apologies in advance, my knowledge is quite basic when it comes to SPF.

Thanks!
0
Comment
Question by:goraek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39160287
That isn't SPF at all.  SPF is contained in a TEXT record that says who is allowed to send email in the name of your domain.  Microsoft has a page to generate the text for you:  http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

Definition here: http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx

Note also that SPF is not 'automatic'.  Some email services use it and some don't.  It is just another step that you can take to minimize spam being sent in your name.
0
 
LVL 2

Author Comment

by:goraek
ID: 39163327
We have setup TXT entries, and used the above link to check, but it says theres no SPF record.

Any ideas?

This is our current TXT record

mydomain.com TXT v=spf1 include:externaldomain.com ~all

Is this correct?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39163411
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
LVL 2

Author Comment

by:goraek
ID: 39164106
How do I authorise multiple mail servers?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39165665
Don't know, never tried that.  Here's the 'official' pages: http://www.openspf.org/
0
 
LVL 2

Author Comment

by:goraek
ID: 39173186
Yeah I checked.

When it has "include" what does that mean?

Has anyone had any experience in SPF?
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 39173257
Many of us here use SPF.  http://www.openspf.org/ and http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx are the authorities on SPF.  'include' and all the other options are explained here: http://www.openspf.org/SPF_Record_Syntax

Click on "Request Attention" if you want some others to look at your question.
0
 
LVL 2

Author Closing Comment

by:goraek
ID: 39173600
Good info
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39173616
Thanks for the points.
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question