Sender Policy Framework System (Linux)

To set up support for Sender Policy Framework on your Linux-based server:

1. Go to Tools & Settings > Mail Server Settings (in the Mail group). The server-wide mail preferences screen will open on the Settings tab.
2. Select the Switch on SPF spam protection checkbox and specify whether you want SPF to continue checking if a DNS lookup fails.
3. Specify how to deal with email when SPF applies local and guess rules:
   • To accept all incoming messages regardless of SPF check results, select the Only create Received SPF-headers, never block option from the SPF checking mode drop-down box. This option is recommended.
   • To accept all incoming messages regardless of SPF check results, even if SPF check failed due to DNS lookup problems, select the Use temporary error notices when you have DNS lookup problems option from the SPF checking mode drop-down box.
   • To reject messages from senders who are not authorized to use the domain in question, select the option Reject mail if SPF resolves to "fail" (deny) from the SPF checking mode drop-down box.
   • To reject the messages that are most likely from senders who are not authorized to use the domain in question, select the option Reject mail if SPF resolves to "softfail" from the SPF checking mode drop-down box.
   • To reject the messages from senders who cannot be identified by SPF system as authorized or not authorized because the domain has no SPF records published, select the option Reject mail if SPF resolves to "neutral" from the SPF checking mode drop-down box.
   • To reject the messages that do not pass SPF check for any reason (for example, when sender's domain does not implement SPF and SPF checking returns the "unknown" status), select the option Reject mail if SPF does not resolve to "pass" from the SPF checking mode drop-down box.
4. To specify additional rules that are applied by the spam filter before the SPF check is actually done by the mail server, type the rules you need in the SPF local rules box.

   For more information on SPF rules, visit http://tools.ietf.org/html/rfc4408.

5. To specify the rules that are applied to domains that do not publish SPF records, type the rules into the SPF guess rules box.

   For example: v=spf1 +a/24 +mx/24 +ptr ?all

6. To specify an arbitrary error notice that is returned to the SMTP sender when a message is rejected, type it into the SPF explanation text box.

   If no value is specified, the default text will be used as a notification.

7. To complete the setup, click OK.