PKP/Bug Fixes/SPF
Back to PKP Bug Fixes
Contents
Introduction
To combat spam and email phishing a new email system called the "Sender Policy Framework" (SPF) is being adopted world wide by academic institutions and others. This is a very recent development and therefore OJS systems must be retroactively configured to support SPF. This wiki page documents these efforts at Stellenbosch University Library.
What is the SPF?
https://en.wikipedia.org/wiki/Sender_Policy_Framework
From Wikipedia (retrieved 2016/05/17);
"Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain's administrators.[1] The list of authorized sending hosts for a domain is published in the Domain Name System (DNS) records for that domain in the form of a specially formatted TXT record. Email spam and phishing often use forged "from" addresses, so publishing and checking SPF records can be considered anti-spam techniques."
How does the SPF work?
To determine if there is an SPF record for a sending domain, use the "dig" command as per example below in a terminal;
dig txt sun.ac.za
Sample output for "sun.ac.za"
; <<>> DiG 9.10.3-P4-Ubuntu <<>> txt sun.ac.za ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50092 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4000 ;; QUESTION SECTION: ;sun.ac.za. IN TXT ;; ANSWER SECTION: sun.ac.za. 25238 IN TXT "University of Stellenbosch, South Africa" sun.ac.za. 25238 IN TXT "ydW1uk2ljPYuIuijeNP29VqLY1fH/1BYzJ8XkvuCmpe7b1pltGc4EaZcvw7V1PTKi5JkCgzH95fQNDdjOALHwQ==" sun.ac.za. 25238 IN TXT "v=spf1 ip4:146.232.64.12 ip4:146.232.64.13 ip4:146.232.64.14 include:spf.protection.outlook.com -all" sun.ac.za. 25238 IN TXT "Google Domain Verification 07082014" ;; Query time: 0 msec ;; SERVER: 127.0.1.1#53(127.0.1.1) ;; WHEN: Tue May 17 11:44:35 SAST 2016 ;; MSG SIZE rcvd: 353
Sample output for "uct.ac.za"
; <<>> DiG 9.10.3-P4-Ubuntu <<>> txt uct.ac.za ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62084 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4000 ;; QUESTION SECTION: ;uct.ac.za. IN TXT ;; ANSWER SECTION: uct.ac.za. 3600 IN TXT "Ox1qfakkMKmET7grQG8BzAU0BFKkXZlwIZLm68SBnlYXFefU2YK8lhbZCzevz88UNYx5QNheElQe6z5u/uApjQ==" uct.ac.za. 3600 IN TXT "v=spf1 ip4:137.158.153.103 ip4:137.158.153.104 ip4:137.158.154.116 ip4:137.158.154.166 ip4:137.158.154.117 ip4:137.158.154.165 a include:_netblocks.mimecast.com include:spf.protection.outlook.com ~all" uct.ac.za. 3600 IN TXT "MS=ms97433074" ;; Query time: 11 msec ;; SERVER: 127.0.1.1#53(127.0.1.1) ;; WHEN: Tue May 17 11:48:43 SAST 2016 ;; MSG SIZE rcvd: 378
See:http://stackoverflow.com/questions/4082935/using-dig-to-search-for-spf-records
