SPF and SRS Explained
- SPF or Sender Policy Framework figthts
e-mail forgery in SMTP transaction.
It prevents unauthorized people from forging email addresses.
enable SPF, a
DNS TXT record is created
for DNS zone hosting this domain. It defines what IP's can be used to send mail from this domain.
On receiving e-mail from user's domain, recipient, providing SPF is enabled on their side,
can check if it indeed was sent from the IP listed in this DNS record.
- SRS or
Sender Rewriting Scheme
is a mechanism to rewrite sender addresses when a mail is forwarded in such a way
that mail forwarding continues to work in an SPF compliant world.
When you add SRS, then srs qmail parameters will be included on all mail servers,
also base64 secret key used in the SRS address cipher will be generated.
You can include mailSRS cron in the Background Job Manager to regenerate secret key every month.
Enabling SPF and SRS
- SPF is included in plans as a regular resources with
plan edit wizards.
- SRS is enabled for the whole system and doesn't require enbaling it in the plans.
To enable SRS, go to Mail Servers (the E.Manager menu) and
turn it ON, clicking the OFF button in the SRS entry:
SPF and SRS Configuration
To access SPF/SRS configuration form:
- Select Mail Servers from the E.Manager menu:
- Click the Action icon in the Mail Server Settings section:
- At the bottom of the page you will find SPF/SRS configuration form:
For SPF/SRS configuration parameters see details in
Configuring SPF/SRS parameters