Why SPF is so funky in today’s modern world

SPF (Sender Policy Framework) has been around for a long time and enjoys a rich history reaching back to 1997, with the SPF Project itself starting in June 2003. (a timeline history of SPF can be found here). However, there are some challenges with SPF's feedback and it is often misunderstood. We take a look at these issues, and at the barriers that are keeping SPF from being better A notable issue with SPF is that the people deploying it have to…
Vaughn Talbert
21 March 2019

The History of SPF

Dec 14, 1997 Jim Miller sends Paul Vixie an email with his idea on verifying SMTP MAIL FROM address from means of outbound-smtp MX dns records. Note: This event and the date are not confirmed by public records and are based solely on information provided by Paul Vixie. Mar 27, 2000 – Public mention of the idea to create 'MS' (mail sender) DNS records Bill Cole mentions on usenet newsgroup dedicated to discussions of spam an idea to create 'MS' (Mail Sender) DNS records to…
Vaughn Talbert
18 March 2019

Our SPF Survey tool can show you how much traffic is coming from your listed entries.

To get to the tool, log in and navigate to the Domain Overview. Click on the SPF cell for a domain that has volume, and then click ‘Record Details’.  In the resulting view, select ‘View TMI’.  The reloaded view of the SPF record details integrates DMARC data to show you which of your SPF record entries are in active use for your domain(s), and in what way.  This can help you figure out which old entries in your record might…
Vaughn Talbert
14 February 2019
Industry News

Are your Google Calendar Invites Blocked by DMARC?

Even though Google has long supported DMARC, a handful of Google applications are still not capable of sending DMARC compliant email using both SPF and DKIM. If you’re a Google Suite customer using your own domain, email that originates from Google’s apps (such as Google Docs, Google Sheets, and Google Slides) and calendar service will still use a domain that points back to Google, and not your own domain, preventing SPF from supplying DMARC compliance. If your DMARC policy was…
Vaughn Talbert
7 February 2019
Deployment

Too many DNS lookups?

People sometimes run into the "too many DNS lookups" error when rolling out SPF (Sender Policy Framework). It doesn't help that there is a lot of bad guidance on the Internet. This article describes how to fix this issue. (more…)
dmarcian
4 August 2016
Deployment

SMTP Relay for Third Party Sender DMARC Compliance

How can you eventually move to a p=reject policy when third parties are unable to send email properly on your behalf? In many cases, a DMARC compliant SMTP relay server can be used to do the trick. In this article, we’ll explore some of the facets of sending DMARC compliant email from third parties, what to look for, and how common hosted solutions such as Google Apps, Office 365, Amazon Simple Email Service (SES), can be leveraged as SMTP relays.…
dmarcian
19 January 2016