SPF: Its Functionality and How To Use It On Your Server - Implementing SPF on Your Server of Email Client
(Page 4 of 4 )
Currently, many MTAs support SPF lookups. Some servers, like CommuniGate Pro, have SPF functionality built in to the MTA and only need to have a configuration option changed. For other servers, such as Sendmail, Qmail, and Courier, the server administrator must install the SPF C libraries and then patch the server to support SPF. The proper way for SPF lookups to be implemented is for them to be done by the SMTP server at the time of receiving an email. Most servers will cache SPF records to help streamline the mail delivery process. In order to add support, the server admin must first download and install libspf2, the C library that provides actual programmatic support for the “check_host()” function defined in the SPF specification.
To install SPF functionality into Sendmail, it is easiest to set SPF up as a custom mail filter, also called a “milter.” Some good instructions can be found at: http://www.acme.com/software/spfmilter. Basically, the process consists of compiling and installing the SPF library, editing the Sendmail configuration file to use the SPF milter and then editing the server startup configuration to start the milter automatically.
There are also implementations available for SPF on Microsoft Exchange. There is a plugin filter available from the libspf2 website for Exchange, as well as a commercial implementation available in the GFI MailEssentials package (http://www.michaelbrumm.com/smtpspffilter.html).
If you don’t run your own server or your server admin can’t or won’t install SPF functionality, there is a plugin available for Thunderbird that does SPF checks on the client side. This plugin will check email messages you’ve downloaded and add a line above the header information notifying you if the message appears to be verified or not. In some ways, this is a particularly useful tool as it notifies the user at the point of interaction with the email system whether or not a message is legitimate.
Conclusion
SPF could be a powerful tool in combating junk and unauthorized email. Because of the basically trusting nature of the email system, phishing attacks have particular potency, especially against inexperienced or unknowledgeable users. In addition, the consequences of successful phishing attacks are devastating. SPF can help weed out and warn users when a particular message seems illegitimate. Unfortunately, SPF records are relatively rare in current DNS set-ups. It is imperative that more server administrators and domain owners publish this information in order to combat the flood of unauthorized email in our inboxes.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
/ 4 
