# Sender Policy Framework SHALL Be Enabled

## Description

The Sender Policy Framework (SPF) is a mechanism that allows domain administrators to specify which Internet Protocol (IP) addresses are explicitly approved to send email on behalf of the domain, facilitating detection of spoofed emails. SPF is not configured through the Exchange admin center, but rather via the Domain Name Service (DNS) records hosted by the organization’s domain.

## Policy

* A list of approved IP addresses for sending mail SHALL be maintained
* An SPF policy(s) that designates only these addresses as approved senders SHALL be published.

## Licensing Considerations

Any tenant can configure this setting.

## Set Up Instructions

[Set up SPF to help prevent spoofing - Office 365 | Microsoft Learn](https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-spf-configure?view=o365-worldwide)

[How Sender Policy Framework (SPF) prevents spoofing - Office 365 | Microsoft Learn](https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-anti-spoofing?view=o365-worldwide)

Adding SPF records to a domain will vary depending on where the domain is hosted. Follow [these steps](https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-spf-configure?view=o365-worldwide#create-or-update-your-spf-txt-record) for configuring an SPF record for Exchange Online.

## End-User Impact&#x20;

{% hint style="info" %}
Level: <mark style="color:green;">Low</mark>
{% endhint %}

Without proper SPF configuration, is possible that users will have their email rejected or marked as spam when sending outbound messages.

{% hint style="info" %}
Tips

* Optimize SPF Record: [How To Optimize SPF Record? v spf1 a mx (easydmarc.com)](https://easydmarc.com/blog/how-to-optimize-spf-record/#:~:text=Optimizing%20SPF%20record%201%201.%20Change%20sources%20order,of%20sources%20to%20the%20subdomain%20...%20More%20items)
  {% endhint %}

## PowerShell Scripts

None Currently

## Videos

{% embed url="<https://www.youtube.com/watch?v=r-Qz52BUL6E>" %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.tminus365.com/security/exchange/sender-policy-framework-shall-be-enabled.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.