A Brief History of SPF

The history of SPF dates back to the early 2000s when it was first introduced. SPF Sender Policy Framework is a method of authentication that enables mail receivers to verify the source domains of email messages. In the early 2000s, there were a few proposals for how email could be authenticated. Among those was “Reverse MX” (RMX) by Hadmut Danisch and “Designated Mailer Protocol” (DMP) by Gordon Fecyk. 

However, these two proposals were merged in the year 2003 by the Founder of Pobox and Singapore-based notable entrepreneur, Meng Weng Wong. Over the next couple of years, several alterations were underway with specialists and security engineering soliciting over SPF. 

In 2005, email SPF was recognized as an Internet Engineering Task Force (IETF) experimental standard. Finally, in 2006, SPF was published with RFC 4408 as the specification (as experimental).

How did Sender Policy Framework get its name? 

SPF was earlier an acronym for Sender Permitted From ( also called SMTP+SPF). In February of 2004, SPF came to be known by the popular acronym that we are familiar with today, which is: Sender Policy Framework.

The Current State of SPF

The current version of SPF in use is 2.0 and is defined in RFC 7208 from 2014. It is now supported by all major email providers such as Microsoft (Outlook),Google (Gmail),Yahoo Mail, AOL, Hotmail/Outlook Live, and more. 

Originally, SPF was designed to prevent email spoofing and email phishing by allowing email senders to declare which servers they are allowed to send mail from. Since then, the protocol has evolved in many ways and has been implemented in some form by almost all popular email servers.