(1) (Stateful Packet Firewall) See stateful inspection.|
(2) (Sender Policy Framework) An e-mail authentication system that verifies that the message came from an authorized mail server. SPF is designed to detect messages from spammers and phishers who falsify the sender's IP address in the e-mail header. SPF is an extension to the SMTP mail protocol.
The DNS system identifies the IP address of a receiving mail server with a line of text in the DNS database known as an MX record. DNS also supports a "reverse MX" record, which identifies the sending mail server and is used by SPF. When an e-mail message is received, the mail server checks the SPF record in the DNS to see if it matches the actual IP address of the message. If it does, the e-mail is considered valid. For more information, visit www.spf.pobox.com.
SPF Classic and PRA
There are two approaches to checking e-mail messages via SPF. SPF Classic systems check only the envelope header, while Microsoft's Purported Responsible Address (PRA) method looks at the headers within the message. See Sender ID, Joe Job, spam, phishing, throwaway domain and SMTP.