A hard fail SPF record is used when specifying authorised email servers (or lack thereof) for an organisation’s domains (including subdomains).
Topic
Sender Policy Framework
Applicable to
all
History
Priority
should
Jun 2023
A hard fail SPF record is used when specifying authorised email servers (or lack thereof) for an organisation’s domains (including subdomains).
A minor grammatical change was made to the existing control relating to a hard fail SPF record being used when specifying authorised email servers (or lack thereof) for an organisation’s domains (including subdomains).
Sep 2022
A hard fail SPF record is used when specifying authorised email servers (or lack thereof) for all domains (including subdomains).
xisting controls covering ‘domains’ were amended to ‘domains (including subdomains)’ to avoid confusion as to whether subdomains were in scope or out of scope for these controls.
2015
Agencies should use a hard fail SPF record when specifying their mail servers.