In June 2003, Meng Weng Wong merged the RMX and DMP specifications and solicited suggestions from others. Among the proposals submitted to the ASRG were "Reverse MX" (RMX) by Hadmut Danisch, and "Designated Mailer Protocol" (DMP) by Gordon Fecyk.
These posts ignited a lot of interest, led to the forming of the IETF Anti-Spam Research Group (ASRG) and their mailing list, where the SPF idea was further developed. The very next day, Paul Vixie posted his own SPF-like specification on the same list. No mention was made of the concept again until a first attempt at an SPF-like specification was published in 2002 on the IETF "namedroppers" mailing list by Dana Valerie Reese, who was unaware of the 2000 mention of the idea. The first public mention of the concept was in 2000 but went mostly unnoticed. Sender Policy Framework is defined in RFC 7208 dated April 2014 as a "proposed standard". The list of authorized sending hosts and IP addresses for a domain is published in the DNS records for that domain. SPF allows the receiving mail server to check during mail delivery that a mail claiming to come from a specific domain is submitted by an IP address authorized by that domain's administrators. Only in combination with DMARC can it be used to detect the forging of the visible sender in emails ( email spoofing ), a technique often used in phishing and email spam. SPF alone, though, is limited to detecting a forged sender claim in the envelope of the email, which is used when the mail gets bounced.
Sender Policy Framework ( SPF) is an email authentication method designed to detect forging sender addresses during the delivery of the email.
0 kommentar(er)
