Skip to main content

SPF Settings

Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain's administrators.[1] The list of authorized sending hosts for a domain is published in the Domain Name System (DNS) records for that domain in the form of a specially formatted TXT recordEmail spam and phishing often use forged "from" addresses, so publishing and checking SPF records can be considered anti-spam techniques. (See original source).

Set SPF Settings

  • Set SPF Enabled to YES or NO in order to enable or disable SPF.

Setting SPF to NO will automatically disable DKIM if enabled.

  • Set the Logging Level field to a logging level of your choice. By default, it's set to Level 1.
    • Level 1 logs no debugging messages, just basic policy results and errors generated through the policy server.
    • Level 2 adds a log message if no client address (IP address from which the connection was made), Mail From address, or HELO/EHLO name is received by the policy server, and logs SPF results for each Mail From and HELO check.
    • Level 3 generates a log message each time the policy server starts and each time it exits, as well as logging a copy of the exact header returned to Postfix to be prepended into the message. Each time the policy server starts. Level 3 also logs the configuration information used by the policy server.
    • Level 4 logs the complete data set received by Postfix via the policy interface and when the end of the entry is read.
    • Level 5 is used to debug config file processing and, for this purpose, can only be set in code and not via the config file. It also provides additional internal status details generally of interest only to developers.
    • Level 0 server logs errors only.
    • Disabled logs nothing, not even error messages. This setting is NOT recommended.
  • Set the Test Mode to Enabled or Disabled. Setting it to Enabled Hermes SEG will NOT block any e-mail and simply generate logs.
  • Set the HELO Check Rejection Policy field to a setting of your choice. By default, it's set to Reject HELO Fail.
  • Set the HELO Check Rejection POlicy to a setting of your choice. By default it's set to Reject Mail from Fail.
  • Set the Permanent Error Policy to a setting of your choice. By default it's set to False.
  • Set the Temporary Error Policy to a setting of your choice. By default it's set to False.

 

 

Back to top