SPF

Laposta uses SPF to send newsletters. SPF enables your subscriber's mail server to check whether our mail servers are authorized to send your newsletter.

Many larger companies also use SPF. In this way they record which mail servers have permission to send mails on their behalf.

What is SPF?

SPF stands for Sender Policy Framework. It is a way of preventing email from being sent without the owner's consent.

Email was developed at a time when it was not yet necessary to pay much attention to security and abuse. Email is an open system, in which it is possible to send messages from an address that you do not own. For an expert, it is no problem to send an email from info@mycompany.com, even if they have no relation to My Company or this domain name.

This gives people with malicious intent the opportunity to pretend to be someone else. A well-known example of this are phishing emails that are seemingly sent by banks. SPF was developed (among other things) to prevent this kind of exploitation.

(By the way, the open nature of email is also an advantage. For example, it enables our programme to send emails on behalf of our customers). 

How does SPF work?

SPF works through the DNS. The DNS can also be used to record and look up the IP addresses belonging to a domain name.

With SPF, the owner of a domain name indicates which mail servers are authorised to send email for that domain. When an email is delivered to a receiving mail server, that mail server has the possibility to check if the server that sent the email has permission to do so. Many mail servers do check this.

If SPF information is present and the email is not sent by a marked mail server, the email will either be refused immediately or not be forwarded to the final recipient. Incidentally, it is also possible that SPF is completely ignored.

If no SPF information is available at the receiving mail server, the email is handled according to normal procedure.

Do I need to set anything up?

Usually this is not necessary, unless your domain uses DMARC. Read more about authenticating your domain.

Still need help? Contact Us Contact Us