Home Page


Email & Spam

Security Terminology

Security Topics

VPN & Cryptography



Email Security and Spam Terminology

Zero Day Window


Bayesian Algorithm

Content and Connection control

Directory Harvesting Attacks

Email Encryption

Email Archiving

File attachments

Image scanning

Email Load balancing

Port forwarding and MX records

Reputation filters

Encrypted attachments

Grey Listing

Email Monitoring

Internal Email Security

Open Relay

Outbound email filtering

Per user quarantine area

Reverse DNS lookup & SPF

RFC Compliant emails


Spoofed email

Stopping spam for Networks guide

Email Throttling

What is Spam

Which Spam filter

Whitelists and Blacklists


Security Products Guide

Which Anti-Virus Software?

Which Firewall?

Which Spam Filter?

Which Internet Security Suite?


What is Guide

What is a Firewall?

What is a Virus?

What is Spam?


Essential Security Guides

Securing Windows XP Guide

Securing Windows Vista Guide

A Guide to Wireless Security



Top 8 Internet Security Tips

Why both, Firewall and Anti Virus?

Free or purchased security - Which one?





Reverse DNS Lookup and Sender Policy Framework


Reverse DNS

Reverse DNS lookup which is another commonly use method in spam filter software, determines the host associated with a given IP address. If an e-mail from externalcompany.com with a source address of arrives at your gateway, the Reverse DNS lookup feature if enabled will check the IP Address is actually associated with where it says it is from, externalcompany.com. If this is not the case, it is assumed the e-mail has been spoofed, and the mail will be classified as spoofed mail or spam.

Sender Policy Framework (SPF)

However reverse DNS is sometimes a problem for some companies. This is because DNS only register an IP address with the DNS name of their spam firewall. A company may send emails from multiple hosts, therefore needs a feature where they can specify multiple IP addresses with this domain name. This is the job of Sender Policy Framework (SPF).

The owner of a domain will publish an SPF record which will consist of authorised senders. When these records are published, the receiver can check the senders records to see if it is associated with that domain, and when the SPF records specify this is the case, the email is accepted. So the SPF record will prove this is a trusted sender for that domain.

Further Reading

Wikipedia's guide to Reverse DNS Lookup