How to configure Sender of Policy Framework records in the Windows Server 2003 Domain Name System

This article describes how to configure Sender of Policy Framework (SPF) records in the Windows Server 2003 Domain Name System (DNS).

The Sender ID Framework is a new authentication protocol that can be used to counter spoofing by people who send unsolicited commercial e-mail messages (spam). Spoofing is the practice of forging a sender's address on e-mail messages. Spoofing misleads e-mail recipients and makes them read and respond to deceptive e-mail messages. To safeguard Internet domain names, and to help e-mail recipients identify junk e-mail messages and phishing scams more effectively, administrators can publish SPF records in the public DNS.

To configure SPF records in the Windows Server 2003 DNS, follow these steps:

1. Click Start, point to All Programs, point to Administrative Tools, and then click DNS.
2. In the left pane, expand the DNS server object, and then expand Forward Lookup Zones.
3. Right-click the domain folder to which you want to add the SPF record, and then click Other New Records.
4. In the Select a resource record type list, click Text (TXT), and then click Create Record.
5. If you add a record for the parent domain, leave the Record name box blank. If you do not add a record for the parent domain, type the single part name of the domain in the Record name box.
6. In the Text box, type v=spf1 mx -all.
7. Click OK, and then click Done.

Note This procedure is for DNS servers that host public DNS records for the domain. If the DNS records are being hosted by an Internet service provider (ISP), contact the ISP to request SPF records for the domain.

For more information about the Sender ID Framework, visit the following Microsoft Web site:For more information about the practice that is known as phishing, visit the following Microsoft Web site: