spf

最後更新: 2015-06-29

 

 


格式:

version ([prefix] mechanisms) (modifiers)

version:

  • v=spf1

mechanisms:

  • all,
  • include,                           other domains that are authorized domains (用另一個 domain set 好的 spf record)
  • a,                                   all A records for domain (a:<domain> | a:<domain>/<prefix-length>)
  • mx,                                all A records for each host's MX record
  • ptr,                                 looked up using PTR queries.
  • ip4                                  ip4:IP[/net]
  • exists

"+", "-", "~", and "?"                                     // pass, fail, softfail, neutral

The default qualifier is "+"

softfail:  the domain is still testing its SPF policy, so the message should not have been rejected.

modifiers:

  • redirect
  • exp

Example:

# 最易單的設定
"v=spf1 mx -all" 
   
# The domain sends no mail at all.
"v=spf1 -all"

# Allow 某 IP
"v=spf1 ip4:192.168.0.1/16 -all"

# Allow 某 A record
"v=spf1 a:mail.example.com -all"

"v=spf1 mx:domain.com -all"

"v=spf1 ptr ptr:domain.com -all"

# Allow Domain 的所有 A, MX record 及某 IP
"v=spf1 a mx ip4:x.x.x.x -all"

"v=spf1 include:outlook.com ip4:x.x.x.x ip4:y.y.y.0/24 ~all"

 


Testing tools

 


DOC

 


Other

 

pypolicyd-spf