Welcome

libspf2 implements the Sender Policy Framework, a part of the SPF/SRS protocol pair. libspf2 is a library which allows email systems such as Sendmail, Postfix, Exim, Zmailer and MS Exchange to check SPF records and make sure that the email is authorized by the domain name that it is coming from. This prevents email forgery, commonly used by spammers, scammers and email viruses/worms.

News

June 10th, 2013: libspf2 version 1.2.10 has beeen released, and is available here. This fixes IPv6-related issues. An update is recommended.

November 4th, 2008: libspf2 version 1.2.9 has beeen released, and is available here. This fixes aborts when generating explanations for mails with a long envelope sender, amongst other issues. An update is recommended.

October 15th, 2008: After a long hiatus, new releases of libspf2! Development work from a number of contributors has resulted in the release of versions up to 1.2.8. It is recommended that all users upgrade as soon as possible, since this release fixes some significant bugs. This release also comes with new doxygen documentation which should make the code easier to understand and cross-reference.

If you were emailed an md5sum for libspf2-1.2.8, note that this file has changed due to a bug in the release. If in doubt, please reply to the email asking for a new checksum.

libspf2 is now a fully thread safe SPF implementation. The latest release of libspf2 is available from the download page. Developers should be using this as the reference for new SPF applications. This release includes:

• New server/request/response API
• Simplification of all allocation
• Updates to match draft RFC specification
• Complete error message and diagnostics overhaul
• Numerous protocol, error and bug-fixes
• Thread safety in all resolvers
• Complete spfd and spfquery rewrite
• New cache algorithm
• Fixes for alignment on Sparc systems

What is SPF?

[from www.openspf.org]: SMTP has a security hole: any connecting client can assert any sender address. This flaw has been exploited by spammers to forge mail. The result: your mailbox fills up with bounces to messages that you didn't send. Close the hole, and we can easily block spammers by sender domain.

• SPF fights email address forgery and
• makes it easier to identify spams, worms, and viruses
• when domain owners designate sending mail servers in DNS, so that
• SMTP receivers can distinguish legitimate mail from spam
• by verifying the envelope sender address against client IP
• before any message data is transmitted.

Why use libspf2?

SPF is a moderately complex system, and it is critical that SPF deployments from different vendors be able to interoperate correctly. libspf2 is a complete, ground-up rewritten "second generation" implementation of SPF. It is being actively maintained to track the standards process by experienced programmers involved in developing the standards. The license (LGPL or 2-clause BSD) permits its inclusion in commercial products. It is feature-complete and thread safe. It is also thoroughly tested; the source code is freely available to anybody who wishes to inspect, contribute to, or test the library before deployment.

Libspf2 is designed to be secure, correct, portable, flexible, and fast (in that order). A great deal of effort has been put into the design and testing of libspf2. It is, to the best of our knowledge, the most feature complete, bug free and standard compliant implementation available. Unlike most other developers of SPF implementations, our extensive work on the SPF test suite has given us a broad understanding of the state of art of SPF implementations.