SPF+DKIM+DMARC

From The Hive
Revision as of 01:59, 5 February 2020 by Justina (talk | contribs) (→‎Sender Policy Framework: other tools)

Correct mail configuration is especially important if you own a "biz" domain, to avoid having your email misinterpreted or misclassified as spam.

Sender Policy Framework

SPF is described in RFC 7208 and implemented as a DNS TXT record.

example.biz.            86400   IN      TXT     "v=spf1 a mx ~all"

Too short a time-to-live (here 86400 seconds) is often taken as an indicator of spammishness. The "biz" tld itself uses 900 seconds, but that can be used to quickly revoke a spammer's domain.

The version was never updated from 1, but other tools were developed to be used in conjunction with SPF.

DomainKeys Identified Mail

DKIM is implemented by a public key in another DNS TXT record.

default._domainkey.example.biz.     86400 IN TXT    "v=DKIM1; k=rsa; p=verylongbase64encodedstring"

https://tools.ietf.org/html/rfc6376

Domain-based Message Authentication, Reporting, and Conformance

https://tools.ietf.org/html/rfc7489