Weak email sender enforcement (SPF)

What is SPF and why should I be concerned?

SPF stands for "Sender Policy Framework". It is an email authentication method used to help prevent email spoofing. An SPF record allows a domain owner to publish a list of the domains or IP addresses authorised to send emails on behalf of that domain.


If SPF policies are not configured with strict enforcement, spoofed emails impersonating your organisation may still reach recipient inboxes. This can allow malicious actors to target clients, suppliers and other vital business contacts using fraudulent emails.

How do I resolve this?


Review your SPF configuration and ensure that only authorised senders are permitted to send emails on behalf of your domain.


Where appropriate, configure the SPF "all" mechanism to use a stricter enforcement policy such as -all. This helps ensure that emails sent from unauthorised servers are explicitly rejected, reducing the risk of email spoofing attacks.
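
To make the review step concrete, the following added example (not code from this article or its vendor) classifies an SPF record by the qualifier on its "all" mechanism. The function name, the "strict"/"weak"/"redirect" labels and the sample records are assumptions made for illustration; treating every qualifier other than -all as "weak" follows this article's recommendation.

```python
# Added example: classify how strictly an SPF record treats unlisted senders.
# Input is the text of a domain's SPF TXT record; nothing is looked up in DNS.

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_enforcement(record: str) -> str:
    """Return 'strict', 'weak', 'redirect' or 'invalid' for one SPF record."""
    terms = record.strip().split()
    if not terms or terms[0].lower() != "v=spf1":
        return "invalid"
    has_redirect = False
    for term in terms[1:]:
        lowered = term.lower()
        if lowered.startswith("redirect="):
            has_redirect = True
            continue
        qualifier = "+"  # a mechanism with no qualifier means "pass"
        if lowered[0] in QUALIFIERS:
            qualifier, lowered = lowered[0], lowered[1:]
        if lowered == "all":
            # Terms after "all" are never evaluated, so the verdict is final.
            return "strict" if QUALIFIERS[qualifier] == "fail" else "weak"
    # No "all": the policy lives in the redirect target if there is one;
    # otherwise unlisted senders get a neutral result, which enforces nothing.
    return "redirect" if has_redirect else "weak"


# Constructed sample records (example.com and 192.0.2.0/24 are reserved
# documentation values, not real senders).
SAMPLES = [
    "v=spf1 include:_spf.example.com ip4:192.0.2.0/24 -all",
    "v=spf1 include:_spf.example.com ~all",
    "v=spf1 mx ?all",
    "v=spf1 +all",
    "v=spf1 mx a",
    "v=spf1 redirect=_spf.example.com",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{spf_enforcement(sample):8}  {sample}")
```

A "redirect" result means the record at the redirect target has to be checked in the same way.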