JSI Tip 10128. How can I help e-mail recipients identify SPAM by configuring SPF (Sender of Policy Framework) records in the Windows Server 2003 DNS (Domain Name System)?

NOTE: If you don't host public DNS records for your domain, have your ISP use this tip.

SPF is a new authentication protocol that can counter spoofing by people who send SPAM, when administrators publish SPF records in the public DNS.

To configure SPF records in Windows Server 2003 DNS:

1. Open the DNS snap-in from Administrative Tools.

2. Expand the DNS server object in the left hand pane.

3. Expand the Forward Lookup Zones.

4. Right-click the domain folder to which you want to add the SPF record and press Other New Records.

5. Select Text (TXT) in the Select a resource record type list and press Create Record.

6. If you add a record for the parent domain, leave the Record name box blank. Otherwise, type the single part name of the domain in the Record name box.

7. In the Text box, type:

yourdomainname.com. TXT "v=spf1 mx -all"

where yourdomainname.com is your domain name.

NOTE: See The Sender ID Framework

NOTE: See Help prevent identity theft from phishing scams

TAGS: Windows 8
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.