SPF Records and YOU

The Domain Name System (commonly known by its acronym, DNS) has been around for a long while.  Over the years, it has had enhancements and features added to it.  It works based on a series of records, describing information about a hostname.  For instance, when you came to this website here, the address is “www.jennyandjonathangetmarried.com”.  That’s a hostname.  The domain name there is just “jennyandjonathangetmarried.com”.  The internet, though, needs numbers to find servers.  It doesn’t understand names by themselves.  So, in order to get the host and network numbers that correspond to the hostname www.jennyandjonathangetmarried.com, your computer asked a domain name server (DNS server) to look up the numbers that correspond to that hostname.  Those numbers were looked up, given back to your computer, and then your computer created a network connection to the host located at that number.  That number is called an Internet Protocol (IP) address.

A DNS database is made up of a series of records.  Records describe information about a given host or domain name.  There are several different types of records, but the most interesting are:

• SOA: Start of Authority.  This is the first record in a database for a specific domain name.  It contains a bunch of information, including time periods for how long various information should be considered valid, a serial number that indicates the version of the database (necessary for synchronizing multiple servers), and some information about the domain for which this database is storing information.
• NS: Name Server. These records contain hostnames of other nameservers for the domain. Domains must have at least two nameservers. Domains used by large companies and organizations typically have multiple servers to distribute load and provide redundancy.
• A: Address. These records are probably some of the most important, storing the IP address for the given hostname. These are the records used to look up the IP address when a computer requests something like www.jennyandjonathangetmarried.com.
• PTR: Pointer. These records are used to provide a reverse mapping from IP address to hostname.  These are used for validation purposes and so that an IP address can be resolved back to a hostname quickly and efficiently.
• MX: Mail eXchanger. These records indicate servers that are able to accept or at least forward mail bound for the domain. Large organizations typically have multiple mail exchangers, providing redundancy and permitting mail to be delivered even in the event of poor network connectivity or a network segmentation (when part of the network can’t talk to another part of the network).
• TXT: Text. These records contain general text information and are usually free-form. These might contain details about the host, contact information, or other administrative details.
• SPF: Sender Policy Framework. These records are used to help authenticate mail senders, a practice which cuts down on spam and helps to make mailservers more trustworthy.

So, there, we made it to SPF, the whole point of this little thing. SPF records can exist as a separate SPF record, or they can be contained in a TXT record (useful for older DNS servers that don’t understand the SPF record type). An SPF record allows the domain administrator to tell other domain administrators which mailservers are allowed to send mail as whoever@jennyandjonathangetmarried.com.  This can help cut-down on spam by allowing domain administrators to reject mail that isn’t sent from an authorized host.

Well, today I had to make a SPF record change for one of my domains. This isn’t something I do a lot, so I sometimes have to look-up some of the syntax to make sure that I get it right. I like to be able to run things through some sort of validation system, too. Well, tonight I found a neat gadget that does the validation and will build an SPF record for you. Handy gadget, it is. It can be found at http://www.openspf.org.