How to set SPF

Basic Information

With the increase in spam emails in recent years, new measures are required to prevent the sending and receiving of spam emails. Here we will explain the settings for SPF, which is one of those efforts.

SPF is a technology that uses DNS to specify the IP address of the mail server that sends e-mails for subdomains that send e-mails. By limiting the sending servers, you can identify spam emails with fake From addresses.

By setting this SPF record, it is more likely that sending emails to Gmail etc. will be successful (although it is not guaranteed).

Setting example

As an example, we will use the zone file for the example.uec.ac.jp domain, which is sending emails.

We assume that you are renting the DNS server function of a virtual domain server.

Add a TXT record below the MX record that indicates the server where you want to receive emails.

Internal file settings (example.uec.ac.jp.in)

$TTL    21600
;
@     IN      SOA     post-1.cc.uec.ac.jp.    hostmaster.example.uec.ac.jp. (
                        202406170 ; Serial. YYYYMMDD + Today's serial
                        3600    ; Refresh 1 hours
                        900     ; Retry   15 minutes
                        1080000 ; Expire  300 hours
                        3600 )  ; Minimum 1 hours
;
        IN      NS      post-1.cc.uec.ac.jp.
        IN      NS      ns.uec.ac.jp.
;
; for XXX@example.uec.ac.jp
;
        IN    MX      10      mx.uec.ac.jp.

        IN    TXT     "v=spf1 +ip4:130.153.0.0/16 +ip4:172.21.0.0/16 +ip4:192.168.0.0/16 include:_spf.google.com ~all"
;

External file settings ( example.uec.ac.jp.ex )

$TTL    21600
;
@     IN      SOA     post-1.cc.uec.ac.jp.    hostmaster.example.uec.ac.jp. (
                      202406170 ; Serial. YYYYMMDD + Today's serial
                      3600    ; Refresh 1 hours
                      900     ; Retry   15 minutes
                      1080000 ; Expire  300 hours
                      3600 )  ; Minimum 1 hours
;
        IN      NS      post-1.cc.uec.ac.jp.
        IN      NS      ns.uec.ac.jp.
;
; for XXX@example.uec.ac.jp
;
        IN    MX      10      mx.uec.ac.jp.

        IN    TXT     "v=spf1 +ip4:130.153.0.0/16 include:_spf.google.com ~all"
;

Note

v=spf1 Declare to write an SPF record

+ip4:130.153.0.0/16 Describe the IP address where emails may be sent

include:_spf.google.com Automatically load Gmail settings so that you can send emails from the example.uec.ac.jp domain from Gmail

~all Describes how to process emails from IP addresses other than those specified in the SPF record. ~all specifies that you want to receive data even from sources other than the specified sender.

Checking

To check whether the settings are correct, please use a free SPF checker.

One of them is shown below.

SPFチェッカーツール POWER DMARC

Reference

SPF For a detailed explanation of records, please see the Internet Association’s explanation page.

SPF(Sender Policy Framework) 有害情報対策ポータルサイト 迷惑メール対策編 一般社団法人インターネット協会