Results 1 to 2 of 2

Thread: SPF and return address forgery

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Forum Administrator Power Poster Lyle@Spry's Avatar
    Join Date
    May 2005
    Posts
    455

    Default SPF and return address forgery

    SPF, once known as "Sender Permitted From" and now more formally described as "Sender Policy Framework" can help you overcome those annoying bounce message you may have received for messages you know you did not send.

    For instance, if you receive a message stating, "A message you sent to blah@example.com could not be delivered, the mailbox does not exist. A copy of the message is included below." And you know for a fact you did not send the message included, you have been the victim of return address forgery.

    So what does this mean? It means some spammer has decided to use your email address as their "From" address when sending out messages. It is akin to someone mailing (snail mail, US Postal Service) a letter to someone you don't know, but using your home address as the return address. If the post office can't deliver that letter for any reason, they return it to the address listed as the return address. Voila, you get the letter instead of the original sender.

    So what can you do about it? That's where SPF comes in.

    Basically, SPF is a special DNS record added to your current DNS records. Newer mail servers (and spam filtering software) can look at an incoming message and see what server it came from. By comparing the source of the message to the information published in your DNS as an SPF record, the receiving mail server (or spam filter) can tell that you did not send the message, and not accept the message (or flag it as spam.)

    SPF is not guaranteed to get rid of all return address forgery messages, but it should cut out a large percentage of them. (Not all mail servers/spam filters implement SPF checks.)

    You'll need to be able to modify DNS records for your domain. Start with the "SPF WIZARD" at www.openspf.org to implement SPF for your domain.

    You'll have to answer a few questions about how you send/receive email for your domain. i.e. What mail server should mail from your domain come from? Do you send via any other mail servers (ISP, work?). Once complete, the wizard will tell you what TXT records to add to your DNS zone. (There was talk of creating a new RR type, but TXT is underused currently, and doesn't require modifying existing DNS tools.)
    Last edited by Lyle@Spry; 12-12-2005 at 01:11 PM.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •