Sender Policy Framework

Standards track update of SPF published by the IETF (RFC 7208) (2014-04-25)

Standards track update of SPF approved by IESG (RFC 4408bis) (2014-01-17)

BITS Publishes New Email Authentication Policy and Deployment Strategy for Financial Services Firms (2013-02-25)

BITS has published an updated document recommending deployment of SPF and DKIM in conjunction with a newer technology, DMARC. More ...

Standards track extension of SPF approved by IESG (2012-03-20)

The IESG announced today that it had approved draft-ietf-marf-spf-reporting as a Proposed Standard. More ...

New IETF Working Group for SPF Chartered (2012-02-03)

The IESG yesterday approved the charter for SPFbis. More ...

New anti-spoofing protocol built on SPF (2012-01-30)

Fifteen leading email service and technology providers are today announcing DMARC.org, a technical working group that has been developing standards for reducing the threat of deceptive emails, such as spam and phishing. continue at dmarc.org

US Senate Adopts SPF to Rebut Future Hoaxes (2010-07-08)

A new e-mail validation system in the Senate will verify that all e-mails sent from Senate.gov addresses originate from legitimate — not "cloaked" — servers, the sergeant at arms announced Wednesday. Hoax prompts new Senate e-mail system

Australian Department of Defense Recommends SPF (2009-09-30)

In their new version of the Australian Government Information Security Manual, the Defence Signals Directorate has recommended use of SPF in conjunction with other email related security technologies such as TLS and DKIM.

MAAWG published revised Sender Best Communication Practices 2.0 (2008-06-02)

The Messaging Anti-Abuse Working Group stated in their latest BCP: "At the very least, senders should incorporate SPF records for their mailing domains".

US financial services industry group endorses SPF (2007-04-21)

BITS, a nonprofit industry consortium formed by many of the largest financial institutions in the USA, has announced their BITS Email Security Toolkit white-paper, recommending the deployment of SPF next to TLS and DKIM in order to address the identity forgery and phishing problems of e-mail. More...

Ubuntu Linux 7.04 (Feisty Fawn) released with support for SPF checking (2007-04-19)

The newest release of the popular Ubuntu Linux distribution includes Perl and Python SPF libraries that are compliant with RFC 4408 and the SPF test suite. Also included are associated Postfix policy servers. Postfix is the preferred mail server for Ubuntu. This is mentioned in the New Feature Tour (in the mail server section).

Website relaunch / Increasing SPF deployment and software support / 2007 council elections (2006-12-14)

New and improved: The SPF website — Significant increase in SPF deployment — Growing support in mail servers — The official RFC 4408 test-suite — New SPF libraries: pyspf 2.0 and Mail::SPF — The upcoming 2007 SPF Council elections

SPFv1 = RFC 4408, and other news from the SPF Project (2006-05-13)

The SPF project's website has moved to http://www.openspf.org — SPFv1 has been published by the IETF as RFC 4408 — The controversy about SPF and Sender ID — The project has set its agenda for 2006 — The project extends its thanks to the 2005 SPF Council — Introducing the elected 2006 Council

Mail::SPF::Query 1.999.1 released – End of life-cycle (2006-02-26)

Mail::SPF::Query, the current de facto reference implementation, has been released as version 1.999.1. The release fixes all known bugs that are not inherent limitations of M:S:Q's general design. Read the changelog. 1.999.1 has also been uploaded to the official Debian archive. This will be the last M:S:Q release ever, as the project is currently working on a new Perl module, Mail::SPF, which is to become the new reference implementation in Q2 of 2006.

Sender ID should not re-use SPFv1 records for PRA checking (2006-02-08)

The SPF Project has appealed the IESG's decision to publish the Sender ID specification unchanged as an Experimental RFC in concert with the SPF specification. Sender ID re-uses SPF's v=spf1 records for PRA checking, which was not anticipated by publishing domain owners and could thus interrupt their e-mail operation. Read the appeal.

The 2006 council elections (2006-01-30)

In 2006, the SPF Project went on to elect its second council. Again, five council members lead the project over twelve months to solidify the SPF standard and continue the battle against e-mail sender forgery according to the visions of the project's community. More...

SPF for e-mail is an independent standard (2005-03-23)

The SPF Project clarifies that its proposed SPF standard is independent from Microsoft's Sender-ID and any related proposals, and reaffirms its sole authority over the standard. More...

SPF Council elected and organized (2004-12-22)

The SPF Project announces the election results for its first elected council. This election is one of several steps the SPF community is taking to create a more organized, cohesive approach to fighting electronic mail abuse. More...

Older news can be found in the news archive.