Use SPF and Don’t Get Burned!

July 11, 2017 Posted by Chris Barretto Cybersecurity, IT Security

When one hears the acronym ‘SPF,’ the first thing that comes to mind is protection from the sun. But in the realm of information security, SPF is synonymous with protection from annoyances such as spam and malicious attacks such as phishing. While spam can be a pain in the butt, it is phishing that can truly harm an organization. By either harvesting company credentials or tricking the end user into clicking on an attachment, a malicious attacker can do serious damage. A properly configured SPF record can help prevent this from occurring.

SPF stands for ‘Sender Policy Framework’ and it simply represents a list of email servers which are authorized to send email using a given domain name. SPF records are designed to protect against forged emails and the delivery of incoming spam messages. From a technical perspective, an SPF record is a DNS TXT record that a mail server can access to verify whether the source of the email message corresponds to an authorized sender. If the source IP address is not listed within the organization’s SPF record, the email will never make it to the user’s inbox. A properly configured SPF record will take part of the burden off of the user, since the user will never have an opportunity to click on a malicious email using a “spoofed” domain name.

To configure SPF, a company’s system administrator will augment their existing DNS records with a special TXT record. This extra DNS record links the MX record identifying the mail server with the IP addresses of all hosts which are allowed to send email using that domain. For example, consider the company MyCompany.com. A properly configured SPF record will prevent a malicious attacker from sending inbound email as [email protected], in an attempt to trick a user into thinking the email actually came from the IT department. If this risk were not mitigated, an attacker could potentially mimic a user within the corporate environment to gain the trust of their victims.
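The check a receiving mail server performs, as an added example (not code from the original post): it evaluates a constructed SPF record for the article's MyCompany.com against a connecting IP, offline, handling only the `ip4`, `ip6` and `all` mechanisms. The record contents and addresses (documentation ranges) are assumptions; the result names follow RFC 7208.

```python
import ipaddress

# Constructed records for the article's MyCompany.com example. The addresses
# are documentation ranges, not real mail hosts.
STRICT_RECORD = "v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.25 ip6:2001:db8::/32 -all"
SOFT_RECORD = "v=spf1 ip4:192.0.2.0/24 ~all"

# Qualifier prefix -> result name (RFC 7208); no prefix means "+".
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def parse_spf(record):
    """Split an SPF TXT record into (qualifier, mechanism, value) terms."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record: missing v=spf1")
    parsed = []
    for term in terms[1:]:
        qualifier, body = (term[0], term[1:]) if term[0] in QUALIFIERS else ("+", term)
        name, _, value = body.partition(":")
        parsed.append((qualifier, name.lower(), value))
    return parsed


def check_sender(record, sender_ip):
    """Evaluate terms left to right; the first mechanism that matches decides."""
    ip = ipaddress.ip_address(sender_ip)
    for qualifier, name, value in parse_spf(record):
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        else:
            # a, mx, include, exists, redirect= need DNS; refuse to guess offline.
            return "needs-dns"
    return "neutral"  # nothing matched and the record has no "all" term


if __name__ == "__main__":
    for label, record in (("strict", STRICT_RECORD), ("soft", SOFT_RECORD)):
        for sender in ("192.0.2.10", "203.0.113.7"):  # listed host, unlisted host
            print(label, sender, check_sender(record, sender))
```

Only the record ending in `-all` returns `fail` for the unlisted host; with `~all` the same sender gets `softfail`, which RFC 7208 says should not be rejected on that result alone.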

As with any technical change, one should vigorously test its behavior before and after implementation. Try to spoof your own domain in an attempt to validate that SPF is properly configured. Once fully implemented, an SPF record will ensure that only YOU can send emails as YOU!

So as the height of summer approaches, and phishing attacks continue to make headlines, remember to wear plenty of SPF this summer and make sure that the Sender Policy Framework is protecting your environment! For more information on SPF check out OpenSPF.org or contact OCD Tech today. 844-OCDTECH


About Chris Barretto

Chris is a Senior IT Auditor at O’Connor & Drew. He works on a number of engagements with the firm, focusing on heavily regulated entities.
