Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1, April 2014
- File formats:
- PROPOSED STANDARD
- RFC 4408
- Updated by:
- RFC 7372, RFC 8553, RFC 8616
- S. Kitterman
- spfbis (app)
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
Email on the Internet can be forged in a number of ways. In particular, existing protocols place no restriction on what a sending host can use as the "MAIL FROM" of a message or the domain given on the SMTP HELO/EHLO commands. This document describes version 1 of the Sender Policy Framework (SPF) protocol, whereby ADministrative Management Domains (ADMDs) can explicitly authorize the hosts that are allowed to use their domain names, and a receiving host can check such authorization.
This document obsoletes RFC 4408.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.