Sender Policy Framework (SPF)


Central Email Domains

The UW's central email domains are uw.edu, washington.edu, u.washington.edu, cac.washington.edu, and myuw.net, and are collectively referred to as @uw.edu addresses.

SPF Record

Sender Policy Framework (SPF) records allow domain owners to state a policy about which computers are permitted to send email on behalf of their domain, and what to do with messages coming from computers not listed in their SPF record.   The UW's global presence, multiple supported email platforms, use of third-party vendors, and distributed IT make it impractical to identify a complete set of computers that our users may use to send legitimate email from.  To ensure that our SPF record does not result in legitimate mail being rejected or flagged as spam, while also ensuring that illegitimate mail is not given any undue preference, we've taken a neutral approach with our SPF record; we list only the email servers that directly handle email for the central email domains, and use a modifier flag that states that mail may also be sent from any other computer.  This ensures that an SPF check on any given message will result either in a "pass", meaning that it was sent through one of the central email servers, or a "neutral", meaning that it was sent from some other computer and SPF should not be used as a factor in determining how to handle the message. The SPF protocol requires that an SPF record be fully expanded within 10 DNS lookups.  As of October 2022, the record for uw.edu requires 7 lookups to expand, and the records for the other central domains require 8.  Other UW domains that include the uw.edu record are at 10 lookups. We will not list any third-party service providers or departmental servers in our SPF record.

FAQ

Does the SPF record affect mail sent from a server I run or from a third-party service provider?

No.  Because we are using a neutral approach, mail sent from a server you run or by a third-party service provider on your behalf, using an @uw.edu address, will receive a "neutral" result from an SPF check which tells a recipient that they cannot use SPF as factor in determining how to handle the message.

I need to have my server or third-party service provider's servers added to the uw.edu SPF record.

We will not list any third-party service providers or departmental servers in our SPF record.  You will need to use a departmental email domain to use as your From address and to host the SPF record.  If you do nothave a mail server to host this domain on, UW-IT's Virtual Email Domain service is available.

What should the SPF record for my domain look like?

You can find information on creating an SPF record at http://www.open-spf.org/ .  Your record needs to include all the IP addresses that may send mail for your domain and should also include the record for uw.edu. 
v=spf1 ip4:<your ip here> include:uw.edu ?all
If you would like assistance in creating an SPF record for you domain, please contact the UW-IT Service Center, help@uw.edu, with "Need assistance creating a SPF record" as the subject.