Anyone can send an email pretending to be someone else, be it a pretend email from PayPal to try and get your login details or an email from 'your bank' asking for your PIN number. SPF records help stop this happening.
SPF (Sender Policy Framework) is an open standard specifying a technical method to prevent sender address forgery. More precisely, the current version of SPF — called SPFv1 or SPF Classic — protects the envelope sender address, which is used for the delivery of messages.
Even more precisely, SPF allows the owner of a domain to specify their mail sending policy, e.g. which mail servers they use to send mail from their domain - and more importantly advise recipients that these are the only machines allowed to relay their mail.
The technology requires two things to work correctly:
1. The domain owner publishes this information in an SPF record in the domain's zone file, and when someone else's mail server receives a message claiming to come from that domain, then number 2 comes into play
2. The receiving server can check whether the message complies with the domain's stated policy. If, e.g., the message comes from an unknown server, a server not specified in the SPF record it can be considered a fake and marked as spam or rejected totally.
In order to add an SPF record, you will need to be familar with creating DNS zone file entries and also creating a custom DNS zone.
Firstly, you need to check if a custom DNS zone is needed.
Log into the hosting control panel, and click on Primary DNS, you will be presented with a list of domains and the Zonefile that each domain uses.
If the zonefile for the domain you wish to setup SPF records for is set to Default Web Hosting or Default Web Forwarding then a custom zone file will need to be created as shown in the example below.
Adding a custom DNS zone
In order to create the custom zone file, click on Manage Zone Files from the left hand navigation menu.
Next click Add DNS zone from the new menu option that has appeared.
Enter a description for your zone file, for example "gradwell with SPF record" and click Create new zone file.
Your zone file will then be created in our database, you now need to map the zone file to your domain.
Click on Primary DNS and find the domain you wish to modify in the list, under the Zonefile column click the arrows to view all available zone files, select the name of the zone file you created above and then click on Update Primary DNS.
Adding an SPF record to the custom zone file
In order to add the SPF record, click on Manage zone files from the left hand menu.
Next click on Edit next to the zone file you wish to modify.
Under the Add zones to file option at the top of the screen, set the Number of records to add to 1, and click on Add records.
You should now see an additional entry field has appeared. The SPF record needs to be entered in a specific format, as per below
An example SPF record is shown below so you can see what the different parts mean, and also how to correctly write a record for your domain.
Lets say I own the domain mailme.com and I have my own mail servers and another I also use another for backup at backupmail.mailtech.net. My SPF record might be something like this
mailme.com. TXT "v=spf1 mx a:backupmail.mailtech.net -all"
The parts of the SPF record mean the following:
v=spf1 SPF version 1
mx the incoming mail servers (MXes) of the domain are authorized to also send mail for mailme.com
a:backup.mailtech.net the machine backup.mailtech.net is authorised, too
-all all other machines are not authorised
There are many other parts of the record that can be added, for example include:gradwell.com would include all mail servers that we deem safe.
The full syntax of SPF can be found here - http://www.openspf.org/SPF_Record_Syntax