What is SPF Alignment?

Q: What is SPF Alignment?

I once asked this question, and the answer was quite obscure, ending with “you may want to do your research before asking.” This came from a Network Engineer, and I was a bit shocked at how easily it could be answered. Read on.

Curated from Intermedia

In the coming weeks, we will enhance our email protection service by introducing new controls that allow customers to customize their email delivery options further. These controls will enable customers to choose their preferred delivery action for emails that pass the SPF check but fail SPF alignment, ensuring their specific needs and preferences are met.

What is SPF?

SPF is an acronym for ‘Sender Policy Framework’. It is a globally accepted standard that allows email providers to check whether an email is truly being sent from the location it claims to be. A common tactic used by hackers is to pretend an email is being sent from a well-known trusted brand to trick the recipient into believing it is a legitimate email. SPF check is how we find out if the email is actually sent from a legitimate source and act appropriately to protect the recipient.

What is SPF Alignment?

SPF Alignment is a sub-category of the SPF check applied to every email. An email is considered ‘aligned’ when the domain in the ‘from envelope’ matches the domain in the ‘from header’.

More information on SPF Alignment can be found here https://support.serverdata.net/app/articles/detail/a_id/15893#spfalignment

What is changing?

We are adding a new category to the Enforced SPF section of the Email Authentication page in the Control Panel to allow greater flexibility for deciding how emails failing SPF alignment should be handled. Currently, all emails that fail SPF alignment are treated as SPF errors and follow the delivery action set by customers for SPF errors. The new Enforced SPF category ‘Pass the SPF check, but fail SPF alignment’ by default will match the delivery action set for emails that error the SPF check.

For example, if your delivery action for emails that error the SPF check is ‘moved to admin quarantine’ then your delivery action for the newly added category ‘pass the SPF check, but fail SPF alignment’ will be set as ‘moved to admin quarantine’.

More information on SPF Enforcement in Email Protection can be found here https://support.serverdata.net/app/articles/detail/a_id/15893

Why is a new SPF Enforcement category, ‘Pass the SPF check, but fail SPF alignment,’, being added?

Currently, emails failing SPF alignment are treated as SPF errors. Moving SPF alignment to its own SPF Enforcement category allows customers greater flexibility over their email delivery options.

What is the appropriate delivery action for the new SPF Enforcement category ‘Pass the SPF check, but fail SPF alignment’?

Organizations will have different needs regarding how strictly SPF alignment checks should be applied to inbound email. Most organizations regularly receive legitimate emails that pass the primary SPF check but fail the secondary check of SPF alignment. Therefore, we recommend the appropriate delivery option for emails that ‘Pass the SPF check but fail SPF alignment’ for most organizations will be ‘deliver as normal’. Note that these messages will still be checked against all other policy actions, e.g., spam and virus detection.

Thank you,

Intermedia

Thank You for sharing.
Very informative!