- Plesk for Linux
- Plesk for Windows
What is SPF? How to configure and use SPF on a Plesk server?
SPF is Sender Policy Framework .
SPF fights return-path address forgery and makes it easier to identify spoofs. Domain owners identify sending mail servers in DNS. SMTP receivers verify the envelope sender address against this information and can distinguish authentic messages from forgeries before any message data is transmitted. SPF is implemented at the level of DNS TXT records and SMTP server. Detailed information about SPF record syntax is available at Openspf.org
SPF is included in plans as a regular resource with plan edit wizards. To access SPF configuration form, go to Plesk > Tools & Settings > Mail Server Settings and specify the required options in SPF section. If you don't have Tools & Settings(Server settings) menu, contact your hosting support.
Once the SPF resource is enabled, DNS TXT records will be provided for each A and MX records in Domains > example.com > DNS Setings DNS TXT records have the following format:
CONFIG_TEXT: example.com IN TXT "v=spf1 spf\\_string"
Here, spf1 is SPF version, and spf\_string takes the combination of the so-called mechanisms:
CONFIG_TEXT: a, ptr, mx, ip4, include, all
Where all is a finalizing mechanism and must be placed at the end. Each mechanism may have a prefix pointing to a certain type of processing messages:
CONFIG_TEXT: '-' fail (message is rejected)
'~' softfail (message is passed with warning)
'+' pass (message is passed - the default prefix value)
'?' neutral The simplest (and most popular)
SPF record will be:
CONFIG_TEXT: example.com IN TXT "v=spf1 mx -all"
This mean that mail from **email@example.com ** can be sent only from his MX record. There can be used other options. If other servers send mail from domain.com, you can describe them by giving "arguments" to the a:, mx:, ip4:, and ptr: mechanisms. mx: takes domain names and approves all the MX servers of these domains. Example:
CONFIG_TEXT: "v=spf1 a mx a:example.com -all"
Mail can be sent from his MX and from example.com server.
To set both ipv4 and ipv6 SPF records, the following syntaxis can be used:
CONFIG_TEXT: "v=spf1 ip4:XX.XX.XX.XX ip6:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX ~all"
TXT record generator: https://www.spfwizard.net/