Home
Microsoft
Defender
Endpoint & identity security
Microsoft 365 Security
M365 hardening & Secure Score
Conditional Access
Zero Trust access control
Purview
Data governance & DLP
Copilot Readiness
Secure before you deploy
Security Testing
External Pen Test
Internet-facing attack surface
Internal Pen Test
Assume-breach & AD attacks
Wi-Fi Pen Test
Wireless network security
Phishing & Social Engineering
Email, vishing, smishing
Protection & Physical
UniFi Protect CCTV
Professional video surveillance
UniFi Door Access
Ubiquiti access control
DNS Filtering
Block threats at the network layer
Awareness Training
Human risk management
View all solutions Talk to an expert
Fortify
Managed cyber security service
Penetration Testing
Find the gaps before attackers do
Audit & Assurance
Essential Eight, ISO 27001, NIST, SMB1001
CCTV & Door Access
Licensed physical security
Secure IT Office Relocation
Move technology safely, without downtime
Incident Response
When something goes wrong
All services
Partners
About Us
Insights
Articles & threat intelligence
Case studies
Real outcomes for Australian businesses
Essential Eight assessment
Estimate your maturity in 5 minutes
All resources

Emergency Contact

Network & infrastructure

SPF

An email authentication protocol that specifies which mail servers are authorised to send email on behalf of a domain, allowing receiving servers to reject email from unauthorised sources.

Also known asSPFSender Policy Framework

In plain English

SPF is a list published in your DNS records that says: "Only these mail servers are allowed to send email from our domain." When a receiving server gets an email claiming to be from your domain, it checks the SPF record. If the sending server isn't on the list, the email can be flagged as suspicious or rejected.

Keep learning

More terms in the IronSights Glossary.

Back to glossary Read insights