 Have you ever gotten spam from yourself? I have, and
I've been thinking hard about how to stop it! I didn't send
it. It came from a spammer. If we could stop spammers from
forging mail, we could easily tell spam from ham and block
the bad stuff.
SPF makes it easy for a domain, whether it's an ISP, a business, a school or a vanity domain, to say, "I only send mail from these machines. If any other machine claims that I'm sending mail from there, they're lying."
 When an AOL user sends mail to you, an email server that
belongs to AOL connects to an email server that belongs to
you. AOL uses SPF to publish the addresses of its email
servers. When the message comes in, your email
servers can tell if the server on the other end of the
connection belongs to AOL or not.
And that's it! SPF aims to prevent spammers from ruining
other people's reputations. If they want to send spam, they
should at least do it under their own name.
 And as a user, SPF can help you sort the good from the
bad. Reject mail that fails an SPF check. Use it to help
your spam filters make a decision. Have confidence that
mail that SAYS it's coming from your bank, your credit
card company, or the government really is!
If you do get spam that passed an SPF check, then you
know you should hold the sending domain responsible for the
message.
For more information, please see the FAQ.
|
