Spoofed messages are an everyday threat to organizations worldwide. SPF is an entry in your server DNS that tells mail recipients which servers are allowed to send mail on your behalf.
For example, our SPF record at maysoft.com looks like this:
v=spf1 mx a ip4:18.104.22.168
When a server receives our mail, if it comes from the IP address 22.214.171.124 in our SPF records, that server will mark the message as an SPF "Pass". If the message does NOT come from that address (or the others listed) then that message is a an SPF "Fail".
How Verisend uses SPF
Messages that are received in Domino are first checked for SPF compliance using SpamSentinel or our Positive Identity for HCL Domino addin. We stamp the message with those results.
When the user opens the message, we have a Display Panel in the Notes client that reads those SPF results and displays for the user all good messages (SPF Pass) like this:
and bad messages (SPF Fail) like this:
But some senders don't bother to update their SPF records, so when we do a lookup, we get no result (SPF:None). When this happens, we are unable to determine if the sender is who they claim to be, so we show a Yellow Warning triangle and mark the message "Unverified":
All Blog Postings
A Very Real FakeVerisend Training Email for End-UsersSend a Message to Test your SPF SettingsVerisend ResourcesVerisend Display PanelHow to Deploy the Verisend Template Verisend Quick Start GuideSPF PrimerVerisend Explainer VideoVerisend Good Mail TesterSPF for Domino2ndLook for DominoYou Clicked on a Phishing Link via NotesSpotting Email VirusesWordDOC Macro Killer
( 119 )