Sender Policy Framework (SPF)

In a nutshell SPF prevents people from “spoofing” an email address. A “spoofer” puts a fake (or someone else’s) email address in an email before sending it out.  For example a spammer could send out one million spam emails showing their address as “”. 

Spammers do this because they don’t want the hundreds of rejected messages they would get back from people who changed their email address or their mail servers who recognize the email as spam.  SPF prevents this by looking up the authorized mail servers for the sending domain ( in this example).  If the sending email server is not an authorized mail server for the “from” email address, the receiving server will not accept the message.  Your server hosted with us checks all incoming messages for SPF.  A lot of small companies without IT departments are not familiar with the specifics of setting up SPF records so if a sender does not have a SPF record the message is not rejected.  For all domains that do have SPF records, the record is matched with the sender by IP address, and if the send is not authorized the message is rejected.  Most large companies also check the SPF of all emails that they receive, however if there is no SPF record for the sender they may simply reject the email.  For this reason SPF has been set up for your domain hosted by BoxISP so there is nothing for you to do.  Just make sure you send all emails through your mail server hosted here or your message may be rejected because your SPF record will not match the other server.