SPF Alignment

In addition to simply asserting in an SPF record the list of IP addresses allowed to send on behalf of your domain, you’ll need to work with Senders to ensure that SPF is aligning properly.

Understanding alignment requires understanding the SMTP protocol to a small degree. For SPF, a domain is considered aligned when the domain portion of the RFC5321.MailFrom (also known as the MAIL FROM, Envelope From or Return Path) matches the From: address (also known as the Friendly From: address) displayed in the body (or DATA portion) of the email message.

Most of the time, the ‘Return-Path’ header is used to show the RFC5321.MailFrom domain and is typically not visible in most email clients.

An example SMTP conversation is shown below:

1 S: 220 smtp.example.com ESMTP Postfix

2 C: HELO relay.example.com

3 S: 250 smtp.example.com, I am glad to meet you

4 C: MAIL FROM:<bob@example.com>

5 S: 250 Ok

6 C: RCPT TO:<alice@example.com>

7 S: 250 Ok

8 C: RCPT TO:<theboss@example.com>

9 S: 250 Ok

10 C: DATA

11 S: 354 End data with <CR><LF>.<CR><LF>

12 C: From: "Bob Example" <bob@example.com>

13 C: To: Alice Example <alice@example.com>

14 C: Cc: theboss@example.com

15 C: Date: Tue, 15 January 2008 16:02:43 -0500

16 C: Subject: Test message

17 C:

18 C: Hello Alice.

19 C: This is a test message with 5 header fields and 4 lines in the message body.

20 C: Your friend,

21 C: Bob

22 C: .

23 S: 250 Ok: queued as 12345

24 C: QUIT

25 S: 221 Bye

{The server closes the connection}

In the example above, line 4 is the RFC5321.MailFrom address, and line 12 is the Friendly From address (which is usually visible in the mail client). In this example, the domains portions are considered aligned for SPF purposes.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
202404031216 | April 2024