GreenPages Blog

As an IT professional, you need to stay current on all things tech; with articles from industry experts and GreenPages' staff, you get the info you need to help your organization compete and succeed!

All Posts

Sender Policy Framework: Ensuring Your Emails Get Delivered

Have you ever received a bounce back for an email that you never sent and wonder how that happened? When it comes to email governance, one area that has little to no restrictions is what someone puts in the “From” address.  Yup, that’s right – I can craft an email to someone with your email address. Maybe I want to send an email from the CEO to the accounting department to request they adjust my salary? Unfortunately many email servers or SPAM solutions are not setup properly to defend against this. On the flip side, many are but sending domains are not setup to follow the standards created to prevent this type of spoofing and legitimate emails do not reach their destination.

As stated above, there are two sides to this equation – the sending and receiving sides.  In this post, we are going to focus on the sender and how to ensure your emails get to their destination by using SPF records.  SPF or Sender Policy Framework was designed to prevent others from sending emails “From” you.  This is one of the methods (but not the only one) developed to prevent email spoofing. The way this works is by performing DNS lookups against your domain. The theory is that only the owner of a domain can create DNS records for that domain. So, if those records designate which addresses are allowed to send emails on its behalf, that mail should be trusted.

When creating SPF records, you need to take into account anyone that is sending mail on your behalf and make sure the addresses of those services are included in your SPF record. This could be your internal email servers, a hosted email service such as Microsoft Office 365 or a hosted SPAM solution such as Barracuda. These services will usually provide you with the proper address and syntax to include in your SPF record. If you have multiple services sending on your behalf, this could complicate the creation of the record so it is recommended to use an online SPF generator, such as SPF Wizard, that will ask you questions and build the proper text string for you.

If you find that you are receiving bounce back messages for recipients you actually intended to send to, chances are they are enforcing SPF lookups and your SPF records are not setup properly.

If you are unsure of how to setup these records or need assistance implementing a SPAM solution that can prevent email spoofing, please contact us.

Stay tuned for Part II of this series where we discuss how PTR records are used to prevent SPAM and spoofing.


By Steven Stein, Director, Client Services



Related Posts

CIO Fireside Chat Recap: Cloud & FinOps

By Mario Brum, VP of Practice Area and Technical Advisory Services Mario hosted the second in GreenPages' ongoing series of CIO Fireside Chats discussing how an industry-leading retail technology company partnered with GreenPages to use FinOps for optimizing the company's cloud costs. 

Preparing Your Business for the End of Windows Server 2012 Support

By Josh Morganthall, GreenPages Senior Solutions Architect for Microsoft Cloud In this blog post, Josh outlines the steps that CIOs need to take to prepare for Windows Server 2012 reaching its end of support on October 10, 2023 to ensure their IT operations remain secure, productive, and running without interruption.

Replace Your Business Phone System with Microsoft Teams

Microsoft Teams Phone System is a powerful tool that can help businesses streamline their communication and improve productivity. In this blog post, GreenPages’ Director of Carrier Services Kurt Karshick outlines the various options for moving to a Microsoft Teams Phone System and why it's a smart choice for businesses of all sizes.