Sender Policy Framework

The Sender Policy Framework (SPF) system is a way to stop people from forging your domain name in email. This kind of forgery is widely used by spammers, phishers and email viruses/worms.

Last December, I was elected to the SPF council, which sounds more impressive than it really is. Mostly it is just a way of letting the SPF community make final decisions on stuff. As part of my council work, I do maintain the SPF council IRC logs.

My main goal as an SPF council member is to try and get an SPF-classic draft spec through the IETF. I've pretty much taken over the active editing of the draft from the previous two authors and I've learned just how much work it is. Lots of research into details that have to be right. Lots of debating issues and trying to reach a consensus. Still, I think things are going very well and I'm becoming very pleased with the draft. The IETF has accepted it for Experimental RFC status, and now "all" I have to do is work with the RFC editor to clean up any last problems with it.

As one of a large group of volunteers working on the SPF project, I have developed/maintain a few tools to help out. The two main tools are the quasi-official SPF test suite and the LibSPF2 SPF implementation.