Generic Email Source: SPF-Identified Servers

Description

SPF provides a way to identify servers that are authorized to send on behalf of a domain. Authorization to send on behalf of a domain usually means the domain owner has a connection (either technical or administrative) with the server in question. Be aware that SPF-Identified servers may not be sending DMARC-compliant email. To learn about how dmarcian identifies SPF-Identified Servers, see: https://space.dmarcian.com/spf-identified-servers-how-and-why

Possible Action

Servers that are authorized using SPF are likely capable of sending DMARC compliant email. However, be sure to review SPF-identified sources to make sure SPF records remain accurate (all legitimate sources are authorized), and that SPF records are not granting unintentional authorization (in the case where SPF is authorizing unrelated servers). To learn about SPF's primary source of misconfiguration, see: https://space.dmarcian.com/a-common-misconception-about-spf/

Sources

When deploying DMARC, domain owners often find new sources of email.

Domain owners then wonder if the source is capable of sending DMARC compliant email.

This directory contains information on the capabilities of various sources of email.