McAfee SMEFCE-AI-DA Administration Guide - Page 84

Email Authentication Email Protection Administrator Guide • Nothing prevents spammers and hackers from implementing SPF, so it is not a reliable spam indicator - Many organizations allow third parties to send mail on behalf of their domain (authorized spoofing). These third parties must be authorized by the domain owner as part of their SPF records in order for recipients to successfully validate the third party messages. • Hosted email providers often give the same SPF records to all their customers, making it impossible to distinguish one customer from the another, thus reducing usefulness of the technology. • Even when SPF is implemented and enforced, it is still possible for spammers to create very convincing spoofed emails; therefore, continued user training and caution is advised. Create an Enforced SPF Domain Go to the Email Authentication | Enforced SPF tab and complete the following information to implement an SPF domain. To enter values for the SPF domain list, enter the full address of the Sender domain and/or sub-domain, or use part of the domain using wildcards. Any Sender domain or subdomain must be explicitly specified for enforced SPF. Specifying a Sender domain doesn't automatically include any sub-domains of that domain. Examples of Wildcard use include any of the following: • *.example.com • example.* • mysubdomain.*.* • subdomain.*.example.com 1 Click the Add » button. The value is added to the list box. Note: The maximum number of values allowed in the Add Domain list is 1500. This limit is defined at the system level. Any duplicate or invalid values are discarded automatically. 2 To remove a value from the list, select it in the list box and click the « Remove button. Note: To select more than one value from the list, press Ctrl on your keyboard, click each entry you want to remove, and then click the « Remove button. 76 Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012