Two days ago, I was playing with DNSStuff (http://dnsstuff.com), doing some checks on my domain “0x82”. One of the tests was about some SPF thing that I never heard about.

It told me someone could send an email from anywhere, and make it appear that it was send from my domain, making it legitimate (ok, I know that this doesn’t make my email secure by himself). It told me that the solution was a SPF thing.

I’ve started reading about it, and realized that, although it seems a big hack (what? using the TXT field of a domain to store data??), it could help and protect your email. For that I needed to change the TXT record of my domain (try dig TXT 0x82.com on your console).

Then, to make sure that the email I receive is tested against this specification, I had to configure my postfix SMTP server. If you search on google for “postfix spf debian” you will find nice tutorials on how to implement that. It was really simple!