RFC 7208

Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1, April 2014

File formats:
icon for text file icon for PDF icon for HTML icon for inline errata
RFC 4408
Updated by:
RFC 7372, RFC 8553, RFC 8616
S. Kitterman
spfbis (app)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC7208

Discuss this RFC: Send questions or comments to the mailing list spfbis@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 7208


Email on the Internet can be forged in a number of ways. In particular, existing protocols place no restriction on what a sending host can use as the "MAIL FROM" of a message or the domain given on the SMTP HELO/EHLO commands. This document describes version 1 of the Sender Policy Framework (SPF) protocol, whereby ADministrative Management Domains (ADMDs) can explicitly authorize the hosts that are allowed to use their domain names, and a receiving host can check such authorization.

This document obsoletes RFC 4408.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search