SPF or Sender Policy Framework is an open standard specifying a technical method to prevent sender address forgery. For a detailed explanation read this introduction.

There is some discussion on SPF being a good solution, read this Advogato article on the issues with SPF.

My stand on this. I’m not checking SPF records because they are also used by spammers and I might block email from people who haven’t implemented SPF. But to prevent my emails being blocked by people who are checking SPF records I’ve added them to my mailserver.

Here is a short explanation on how to add them yourself for your own mailserver.

SPF records are basically TXT records to your DNS, this means that your registrar must have the ability to add them.

To create the correct records we will use this wizard to create them.

First enter the domain name for which you want to add SPF records, like ‘diymacserver.com’, then push the begin button.

Check if the ip-address is correct and click “yes”

All MX servers are ofund and displayed here, check if this is correct and click “yes”

Click “yes” for the next question if you are not sure. Otherwise you can click “no”.

Then click “yes” for the last question and then click “continue”.

Next you need to login the the admin section of your registrars website and add a TXT of SPF record with the result of the Wizard. In my case:

“v=spf1 a mx ~all”

To check if you added it correctly you can type the following command in the Terminal:

dig TXT diymacserver.com

In the reply you should see something similar like:

diymacserver.com. 0 IN TXT “v=spf1 a mx ~all”

Another option is to use this webtool to check your configuration.

There are some registrars who do not support adding TXT or SPF type records. If you have a registrar like this please leave a comment with the name so others are warned.

These regsitrars have the ability to add TXT or SPF records:

Registrars who don’t support it: