Ensure that your Amazon Route 53 hosted zone has a TXT record that implements the Sender Policy Framework (SPF) for the corresponding MX record available within the DNS zone. The Sender Policy Framework enables your AWS Route 53 registered domain to publicly state which mail servers are authorized to send emails on its behalf.
This rule can help you with the following compliance standards:
For further details on compliance standards supported by Conformity, see here.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
Implementing Sender Policy Framework (SPF) for your Amazon Route 53 domain name will help you detect and stop email address spoofing in order to reduce spam and increase your domain trustworthiness.
Note: This conformity rule assumes that your Route 53 domain name is using an MX record for declaring the server(s) that should handle the email delivery.
To determine if your Amazon Route 53 hosted zone contain a TXT DNS record with SPF information for the corresponding MX record, perform the following actions:
Remediation / Resolution
To implement Sender Policy Framework (SPF) for all the corresponding MX records using Route 53 TXT DNS records, perform the following operations:
- AWS Documentation
- Amazon Route 53 FAQs
- What is Amazon Route 53?
- Working with public hosted zones
- Working with records
- Creating records by using the Amazon Route 53 console
- Supported DNS record types
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Sender Policy Framework In Use
Risk level: Medium