What is SPF (Sender Policy Framework)?

SPF (Sender Policy Framework) is a DNS record that lists which mail servers are allowed to send email using your domain. When a receiving server gets a message claiming to be from you, it checks your SPF record to see whether the sending server is on your approved list — a first line of defence against someone forging your address. 89% of Australian small business domains publish an SPF record*, so most owner-operators already have one — but publishing it is not the same as enforcing it:

  • -all vs ~all — the record ends in either -all (hard fail: reject anything not listed) or ~all (soft fail: allow it through but mark it suspicious), and a great many sit on the softer setting.
  • It only checks the envelope sender — SPF validates the hidden envelope sender (the MAIL FROM / Return-Path address), not the From: address a recipient actually sees, which is why it works alongside DKIM and DMARC rather than instead of them.

Having SPF is table stakes; the detail that matters is whether it ends in -all and whether DMARC is enforcing it.
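To make the record-level detail above concrete, here is a small offline SPF evaluator (an added example, not code from the original page). It parses a record, reports which result its trailing `all` term gives (`fail` for `-all`, `softfail` for `~all`), and checks a sending IP against `ip4`, `ip6` and `include` mechanisms. The zone data is a constructed in-memory stand-in for DNS, the domain names in it are made up, and the `a`, `mx`, `ptr` and `exists` mechanisms, which need live lookups, are deliberately left out.

```python
import ipaddress

# Constructed sample zone (domain -> SPF TXT record); these are NOT real DNS records.
SAMPLE_ZONE = {
    "example.com.au": "v=spf1 ip4:203.0.113.0/24 include:_spf.mailhost.example ~all",
    "_spf.mailhost.example": "v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 -all",
    "strict.example": "v=spf1 ip4:203.0.113.5 -all",
}

# SPF qualifier prefixes and the result each one yields when its mechanism matches.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def parse_spf(record):
    """Split an SPF TXT record into (qualifier, mechanism, argument) tuples."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    parsed = []
    for term in terms[1:]:
        if "=" in term:          # modifiers such as redirect= / exp= are skipped here
            continue
        qualifier = "+"          # an unprefixed mechanism is implicitly '+'
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        parsed.append((qualifier, name.lower(), arg))
    return parsed


def all_qualifier(record):
    """Return the result unlisted senders get: 'fail' for -all, 'softfail' for ~all."""
    for qualifier, name, _ in parse_spf(record):
        if name == "all":
            return QUALIFIERS[qualifier]
    return "neutral"             # no 'all' term at all: unlisted senders are neutral


def check_spf(domain, sender_ip, zone=SAMPLE_ZONE, depth=0):
    """Evaluate sender_ip against domain's SPF record using the in-memory zone."""
    if depth > 10:               # guard against include: loops (RFC 7208 caps lookups at 10)
        return "permerror"
    record = zone.get(domain)
    if record is None:
        return "none"            # domain publishes no SPF record
    ip = ipaddress.ip_address(sender_ip)
    for qualifier, name, arg in parse_spf(record):
        matched = False
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            matched = ip.version == net.version and ip in net
        elif name == "include":
            # include: matches only when the referenced domain's record returns 'pass'
            matched = check_spf(arg, sender_ip, zone, depth + 1) == "pass"
        # a / mx / ptr / exists need live DNS and are not modelled in this example
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"             # fell off the end without matching anything


if __name__ == "__main__":
    for domain, record in SAMPLE_ZONE.items():
        print(f"{domain}: unlisted senders -> {all_qualifier(record)}")
    print(check_spf("example.com.au", "203.0.113.7"))    # listed directly
    print(check_spf("example.com.au", "198.51.100.10"))  # listed via include:
    print(check_spf("example.com.au", "192.0.2.1"))      # not listed, ~all
```

The `all_qualifier` check is the one to run over your own record: a `softfail` answer means the domain is on the softer setting the article describes, and only a DMARC policy of `quarantine` or `reject` turns that into something a receiver will act on.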