Thursday, September 4, 2008

How to avoid mail spam where spammers use from field to bounce mails to you. (SPF record)

If you get a large amount of spam, and most of the spam consists of bounces where the spammer insert you in the from and reply-to fields, eg. you get any replies from the mailserver, you can protect yourself by adding an SPF (Sender Policy Framework) record to your domain DNS information.

The idea is that you specify from what domains you send e-mails. This is published to any server that tries to send e-mails to your mailserver. If the from doesn't match the domain you specify, then it will be rejected. You can find more information on the spf record structure here:

The example below sets that the domain is maaloe.com and my mail provider surf-town.net is added as include since i send my mails via their servers.

v=spf1 v=spf1 a:maaloe.com include:spf.surf-town.net -all

Once you have set up the SPF record you can test it here.

No comments: