all-in-one privacy solution":["Proton Unlimited jest kompleksowym rozwiązaniem zapewniającym prywatność"],"Black Friday":["Czarny Piątek"],"No ads. Privacy by default.":["Brak reklam. Prywatność w standardzie."],"People before profits":["Ludzie przed zyskiem"],"Security through transparency":["Bezpieczeństwo dzięki przejrzystości"],"The best Proton Mail ${ BLACK_FRIDAY } deals":["Najlepsze oferty Proton Mail ${ BLACK_FRIDAY }"],"The world’s only community- supported email service":["Jedyna na świecie usługa e-mail wspierana przez społeczność"]},"specialoffer:limited":{"${ hours } hour":["${ hours } godzina","${ hours } godziny","${ hours } godzin","${ hours } godziny"],"${ hoursLeft }, ${ minutesLeft } and ${ secondsLeft } left":["Pozostało: ${ hoursLeft }, ${ minutesLeft } i ${ secondsLeft }"],"${ minutes } minute":["${ minutes } minuta","${ minutes } minuty","${ minutes } minut","${ minutes } minuty"],"${ seconds } second":["${ seconds } sekunda","${ seconds } sekundy","${ seconds } sekund","${ seconds } sekundy"],"Limited time offer":["Oferta ograniczona czasowo"]},"specialoffer:listitem":{"Create multiple addresses":["Utwórz wiele adresów"],"Hide-my-email aliases":["Aliasy hide-my-email"],"Quickly unsubscribe from newsletters":["Szybko anuluj subskrypcję biuletynów"],"Use your own domain name":["Korzystaj z własnej nazwy domeny"]},"specialoffer:logos":{"As featured in":["Opinie naszych klientów"]},"specialoffer:metadescription":{"Get an encrypted email that protects your privacy":["Uzyskaj zaszyfrowaną usługę e-mail, która chroni Twoją prywatność"]},"specialoffer:metatitle":{"Proton Mail Black Friday Sale - Up to 40% off":["Wyprzedaż Proton Mail z okazji Czarnego Piątku – uzyskaj do 40% zniżki"]},"specialoffer:newmetadescription":{"Get up to 40% off Proton Mail subscriptions this Black Friday. Find great deals on our secure end-to-end encrypted email plans.":["Uzyskaj do 40% zniżki na subskrypcje Proton Mail w ten Czarny Piątek. Znajdź wspaniałe oferty naszych bezpiecznych planów usługi poczty elektronicznej w szyfrowaniu end-to-end."]},"specialoffer:newmetatitle":{"Proton Mail Black Friday sale | Up to 40% off secure email":["Wyprzedaż Proton Mail z okazji Czarnego Piątku | Do 40% zniżki na bezpieczną pocztę elektroniczną"]},"specialoffer:note":{"* Billed at ${ TOTAL_SUM } for the first year":["* Płatne ${ TOTAL_SUM } za pierwszy rok"],"*Billed at ${ TOTAL_SUM } for the first 2 years":["* Płatne ${ TOTAL_SUM } za pierwsze 2 lata"],"30-day money-back guarantee":["30-dniowa gwarancja zwrotu pieniędzy"],"Billed at ${ TOTAL_SUM } for the first 2 years":["Płatne ${ TOTAL_SUM } za pierwsze 2 lata"],"Billed at ${ TOTAL_SUM } for the first year":["Płatne ${ TOTAL_SUM } za pierwszy rok"],"You save ${ SAVE_SUM }":["Oszczędzasz ${ SAVE_SUM }"]},"specialoffer:off":{"${ PERCENT_OFF } off":["-${ PERCENT_OFF }"]},"specialoffer:testimonial":{"I love my ProtonMail":["Uwielbiam ProtonMail"],"My favorite email service":["Moja ulubiona usługa e-mail"],"Thanks Proton for keeping us all safe in the complicated internet universe.":["Dziękuję Protonowi za dbanie o nasze bezpieczeństwo w skomplikowanym internetowym uniwersum."],"You get what you pay for. In the case of big tech, if you pay nothing, you get used. I quit using Gmail and switched to @ProtonMail":["Dostajesz to, za co płacisz. W przypadku przedsiębiorstw big tech, jeśli nie płacisz nic, zostaniesz wykorzystany. Przestałam korzystać z Gmail i przeniosłam się na @ProtonMail"]},"specialoffer:time":{"Days":["Dni"],"Hours":["Godz."],"Min":["Min"]},"specialoffer:title":{"And much more":["I wiele więcej"],"Safe from trackers":["Żadnych elementów śledzących"],"Stay organized":["Dbaj o dobrą organizację"],"Black Friday email deals":["Oferty e-mailowe na Czarny Piątek"],"Don’t just take our word for it":["Nie musisz wierzyć nam na słowo"],"Make your inbox yours":["Niech skrzynka odbiorcza należy tylko do Ciebie"],"Our story":["Nasza historia"],"Transfer your data from Google in one click":["Przenieś dane z Google jednym kliknięciem"]},"specialoffer:tooltip":{"Access blocked content and browse privately. Includes ${ TOTAL_VPN_SERVERS }+ servers in ${ TOTAL_VPN_COUNTRIES }+ countries, connect up to 10 devices, access worldwide streaming services, malware and ad-blocker, and more.":["Uzyskaj dostęp do zablokowanych treści i przeglądaj prywatnie Internet. Obejmuje ponad ${ TOTAL_VPN_SERVERS } serwerów w ponad ${ TOTAL_VPN_COUNTRIES } krajach z możliwością połączenia do 10 urządzeń, a także dostęp do globalnych usług streamingu, blokadę reklam, złośliwego oprogramowania i wiele więcej."],"Easily share your calendar with your family, friends or colleagues, and view external calendars.":["Łatwo udostępniaj swój kalendarz rodzinie, znajomym oraz współpracownikom i wyświetla kalendarze zewnętrzne."],"Includes support for 1 custom email domain, 10 email addresses, 10 hide-my-email aliases, calendar sharing, and more.":["Zawiera obsługę 1 niestandardowej domeny e-mail, 10 adresów e-mail, 10 aliasów hide-my-email, udostępnianie kalendarza i nie tylko."],"Includes support for 3 custom email domains, 15 email addresses, unlimited hide-my-email aliases, calendar sharing, and more.":["Obejmuje obsługę 3 niestandardowych domen e-mail, 15 adresów e-mail, nielimitowane aliasy hide-my-email, udostępnianie kalendarza i nie tylko."],"Manage up to 25 calendars, mobile apps, secured with end-to-end encryption, 1-click calendar import from Google, and more.":["Zarządzanie nawet 25 kalendarzami, aplikacje mobilne, bezpieczne szyfrowanie metodą end-to-end, importowanie kalendarza za pomocą jednego kliknięcia z Google i więcej."]},"Status banner":{"Learn more":["Dowiedz się więcej"],"Please note that at the moment we are experiencing issues with the ${ issues[0] } service.":["Uwaga: obecnie występują problemy z usługą ${ issues[0] }."],"We are experiencing issues with one or more services at the moment.":["Mamy problemy z co najmniej jedną usługą."]},"Status Banner":{"At the moment we are experiencing issues with the Proton VPN service":["W tej chwili mamy problemy z usługą Proton VPN"],"Learn more":["Dowiedz się więcej"]},"steps":{"Step":["Krok"]},"suggestions":{"Suggestions":["Sugestie"]},"Support":{"Sub category":["Podkategoria","Podkategorie","Podkategorii","Podkategorii"]},"Support article":{"${ readingTime } min":["${ readingTime } min","${ readingTime } min","${ readingTime } min","${ readingTime } min"],"Category":["Kategoria","Kategorie","Kategorii","Kategorii"],"Didn’t find what you were looking for?":["Nie znaleziono szukanej frazy?"],"General contact":["Skontaktuj się, wykorzystując ogólne zapytanie"],"Get help":["Uzyskaj pomoc"],"Legal contact":["Skontaktuj się z działem prawnym"],"Media contact":["Skontaktuj się z zespołem medialnym"],"Partnerships contact":["Skontaktuj się z zespołem ds. partnerstwa"],"Reading":["Odczytywanie"]},"Support Form Platform option":{"VPN for Android TV":["VPN dla Android TV"],"VPN for Apple TV":["VPN na Apple TV"],"VPN for Chromebook":["VPN dla Chromebooka"]},"Support troubleshooting":{"App version":["Wersja aplikacji"],"Browser":["Przeglądarka"],"Check if this helps":["Sprawdź, czy to pomoże"],"Choose a product":["Wybierz produkt"],"Did this solve your issue?":["Czy Twój problem został rozwiązany?"],"Faster assistance is just a few clicks away":["Szybsze wsparcie uzyskasz w kilka kliknięć"],"How can we help?":["Jak możemy pomóc?"],"No, contact support":["Nie, skontaktuj się z pomocą techniczną"],"Please fill out one field after another":["Wypełnij pola jedno po drugim"],"Please make your selections":["Dokonaj wyboru"],"Proton account":["Konto Proton"],"Proton for Business":["Proton for Business"],"Thank you for your feedback":["Dziękujemy za podzielenie się opinią"],"What can we help with?":["W czym możemy pomóc?"],"Yes":["Tak"]},"support_modal_search_query":{"Search query":["Zapytanie wyszukiwania"]},"support_search_button":{"Search":["Szukaj"]},"support_search_i_am_looking_for":{"I'm looking for":["Szukam"]},"SupportForm":{"For a faster resolution, please report the issue from the Bridge app: Help > Report a problem.":["W celu szybszego rozwiązania problemu dokonaj zgłoszenia przez aplikację Bridge: Pomoc > Zgłoś problem."],"Information":["Informacje"]},"SupportForm:option":{"Account Security":["Bezpieczeństwo konta"],"Contacts":["Kontakty"],"Custom email domain":["Niestandardowa domena e-mail"],"Email delivery and Spam":["Dostarczanie wiadomości e-mail i spam"],"Encryption":["Szyfrowanie"],"Login and password":["Login i hasło"],"Merge aliases and accounts":["Scalanie aliasów i kont"],"Migrate to Proton":["Migracja do Proton"],"Notifications":["Powiadomienia"],"Other":["Inne"],"Plans and billing":["Plany i rozliczenia"],"Proton for Business":["Proton for Business"],"Sign up":["Rejestracja"],"Storage":["Przestrzeń dyskowa"],"Users, addresses, and identities":["Użytkownicy, adresy i tożsamości"]},"SupportForm:optionIntro":{"Select a topic":["Wybierz temat"]},"Testimonial":{"Awards":["Nagrody"],"Customers":["Klienci"],"Featured":["Wyróżnione"],"Go to testimonial source":["Przejdź do źródła referencji"],"Open source of award":["Otwórz źródło nagrody"],"Open source of quote":["Otwórz źródło cytatu"],"Reviews":["Opinie"],"Videos":["Pliki wideo"],"Watch on TikTok":["Oglądaj na TikTok"],"Watch on YouTube":["Oglądaj na YouTube"]},"TestimonialCategory":{"Awards":["Nagrody"],"Customers":["Klienci"],"Featured":["Wyróżnione"],"Media":["Multimedia"],"Reviews":["Opinie"],"Videos":["Pliki wideo"]},"Text":{"If you need help, check out our ${ supportLink }.":["Jeśli potrzebujesz pomocy, sprawdź naszą ${ supportLink }."],"The page you’re looking for might have been removed, or it could be an\nold link.":["Strona, której szukasz, mogła zostać usunięta lub link jest przestarzały."],"Your question may already have an answer in our knowledge base:":["Na Twoje pytanie może już istnieć odpowiedź w bazie wiedzy:"]},"tooltip_vpn":{"Access blocked content and browse privately. Includes ${ TOTAL_VPN_SERVERS }+ servers in ${ TOTAL_VPN_COUNTRIES }+ countries, highest VPN speed, ${ TOTAL_VPN_CONNECTIONS } VPN connections, worldwide streaming services, malware and ad-blocker, and more.":["Uzyskaj dostęp do zablokowanych treści i przeglądaj prywatnie Internet. Obejmuje ponad ${ TOTAL_VPN_SERVERS } serwerów w ponad ${ TOTAL_VPN_COUNTRIES } krajach, najwyższe prędkości VPN, ${ TOTAL_VPN_CONNECTIONS } połączeń VPN, usługi streamingu na całym świecie, blokowanie reklam oraz złośliwego oprogramowania i wiele więcej."]},"vpn_servers":{"Get Proton VPN Plus":["Wybierz plan Proton VPN Plus"]},"wallet_signup_2024:Action":{"Get Proton Wallet":["Wybierz Proton Wallet"]},"wallet_signup_2024:Homepage hero product link title":{"Wallet":["Portfel"]},"wallet_signup_2024:Homepage product navigation bar":{"Wallet":["Portfel"]},"wallet_signup_2024:menu item":{"Bitcoin guide":["Przewodnik po systemie Bitcoin"],"Proton Wallet news":["Aktualności Proton Wallet"],"Proton Wallet support":["Wsparcie dla Proton Wallet"]},"wallet_signup_2024:Pricing":{"Includes everything in Proton Unlimited and":["Zawiera wszystko, co Proton Unlimited oraz"],"Limited availability":["Ograniczona dostępność"],"The easiest way to securely own, send, and receive Bitcoin":["Najprostszy sposób na bezpieczne przechowywanie, wysyłanie i odbieranie waluty Bitcoin"]},"wallet_signup_2024:ProductRange":{"Discover Proton Wallet":["Odkryj rozwiązanie Proton Wallet"],"Store and transact Bitcoin privately with an encrypted self-custody wallet.":["Bezpiecznie przechowuj i przesyłaj Bitcoiny dzięki szyfrowanemu portfelowi typu self-custody."]},"wallet_signup_2024:wallet bitcoin":{"Learn about Bitcoin, the Internet's value network.":["Dowiedz się więcej o internetowym systemie gotówkowym Bitcoin."]},"wallet_signup_2024:wallet overview":{"Ensure you're always in control of your Bitcoin.":["Miej pełny nadzór nad swoimi Bitcoinami."]},"wallet_signup_2024:wallet security":{"The encrypted, open-source wallet that puts you in control.":["Szyfrowany portfel o otwartym kodzie źródłowym, który daje Ci pełną kontrolę."]}}},"base":"blog","cdn":{"enabledForAssets":true,"enabledForImages":true,"url":"https://pmecdn.protonweb.com/"},"unleashApi":"https://account.proton.me/api"};
window.frameworkContext = frameworkContext;
const context = frameworkContext.base === '' ? '' : `${frameworkContext.base}/`;
window.__toAssetUrl = (filename) => {
if (frameworkContext.cdn !== undefined && frameworkContext.cdn.enabledForAssets === true) {
return `${frameworkContext.cdn.url}${context}${filename}`;
} else {
return `/${context}${filename}`;
}
};
})();
Sender Policy Framework (SPF) is an email authentication method that verifies that a message has been sent from an authorized mail server. Learn how it works and how it helps to protect your email domain.
Used with DKIM and DMARC(nowe okno), SPF is one of the main ways internet service providers (ISPs) and email platforms identify and block spam and phishing attacks.
We explain SPF, how it works, and why you need it to help protect your domain and ensure your messages are delivered.
Sender Policy Framework (SPF) is an email authentication protocol that allows you to specify the servers authorized to send mail from your domain, making it harder for fraudsters to spoof (forge) your address.
If you send email from a custom domain (for example, @yourdomain.com), you can list the IP addresses(nowe okno) of the mail servers authorized to send your mail. By checking your list of IP addresses, email services and ISPs can identify whether the message came from a trusted server.
What is SPF used for?
SPF is one of the main methods email servers use to authenticate emails. It helps email providers identify spoofed addresses and block spam and phishing emails.
However, SPF alone isn’t enough to spot spoofed messages because the sender’s address (From field) can be forged. By using SPF with DKIM and DMARC, email providers can verify that the sender’s domain matches the From field, confirming that the address isn’t spoofed.
How SPF differs from DKIM and DMARC
SPF, DKIM, and DMARC are email authentication protocols that are used to verify that emails are sent from a legitimate sender, but they all work differently. Here’s how they work together:
SPF (Sender Policy Framework) verifies that an email has been sent from an IP address authorized to send emails from the sender’s domain.
DKIM (DomainKeys Identified Mail) cryptographically verifies that the sender’s address and message contents haven’t been changed in transit.
DMARC (Domain-based Message Authentication, Reporting, and Conformance) ensures that the domain in DKIM and SPF checks matches the sender’s domain in the From field. It also specifies how email service providers should deliver a message that fails both DKIM and SPF — accept, reject, or mark it as spam.
SPF checks whether an incoming email has been sent from a mail server authorized to send mail from that domain.
First, you must create an SPF record that lists the IP addresses of the mail servers authorized to send mail from your domain. Then you’re ready to send messages with SPF as follows:
You send an email, for example, from the address you@yourdomain.com. Suppose the message is sent from one of your authorized email servers with the IP address 185.70.40.111.
When the email arrives, the receiving mail server checks the sender’s address in the Return-Path (also known as MAIL FROM) field of the email header and looks up the SPF record for your domain (in this example, yourdomain.com).
The receiving mail server checks whether the IP address from which the mail was sent (185.70.40.111) is listed in your SPF record.
If the IP address is listed, the message passes SPF; if it isn’t, it fails.
Note that in step 2. the receiving mail server looks up the SPF record for the domain in the Return-Path field, which doesn’t need to be the same as the domain in the From field. Even if the domain in the From address is spoofed and differs from that in the Return-Path, a message can pass SPF.
That’s why you need DMARC to verify that the domain in the SPF and DKIM checks matches the sender’s address in the From field.
What is an SPF record?
An SPF record is a type of DNS text record(nowe okno) that lists the IP addresses of the servers authorized to send email from a particular domain. SPF records are published on the domain’s DNS server, so any receiving mail server can look up the list to check whether an email has been sent from a trusted server.
SPF record example
Here’s an example of an SPF record with an explanation of what it means below:
v=spf1: The SPF version number. Every SPF record must begin with this tag.
ip4: The IP address(es) of the servers authorized to send email from your domain. They can be IPv4 or IPv6 addresses(nowe okno); IPv6 addresses use the tag ip6.
include: Instructs the server to check the SPF records of the additional domain mentioned. In this example, the server would look up _spf.protonmail.ch and add the IP addresses found there to the list of authorized addresses.
mx: Any IP addresses that match the mail servers listed in the MX records(nowe okno) of the sending domain. For example, Proton Mail uses mail.protonmail.ch and mailsec.protonmail.ch.
~all: Tells receiving email servers what to do if an email doesn’t pass SPF. The three most common all tags are:
~all: Mark the message as suspicious
–all: Reject the message
?all: Receiving email server decides (neutral recommendation)
However, since the introduction of DMARC, many email providers, including Proton Mail, no longer use these all tags. Apart from checking that the From field matches the domain in SPF and DKIM checks, DMARC tells servers what to do with messages that fail these checks, making the all tags redundant.
In the example above, the SPF record authorizes mail to be sent from:
185.70.40.111
The IP addresses found in _spf.protonmail.ch
The IP addresses of the mail servers listed in the domain’s MX records
If an email from this domain is received from an IP address not listed above, the message fails SPF and is treated as suspicious.
SPF and mail forwarding
One limitation of SPF is that it doesn’t work reliably with forwarded emails.
When forwarding a message, if the sending mail server replaces the original sender’s email address in the Return-Path (MAIL FROM) field with the forwarder’s address, the receiving server will check the SPF record of the forwarder’s domain. In this case, the message should pass SPF.
But not all email platforms rewrite the Return-Path field when forwarding. If the mail server preserves the original sender’s address in the Return-Path field, the receiving mail server will check the original sender’s SPF record. As this doesn’t include the IP address of the forwarding server, the message fails.
Fortunately, if an email fails SPF, it may still pass the DKIM check because DKIM verifies a message’s content, not its sending IP address. As long as you don’t change the content and structure of the original message, it should pass DKIM.
Why use SPF?
Along with DKIM and DMARC, SPF is one of the main ways you can protect your domain and ensure your emails get delivered. Here’s why you should use it:
Beat spammers and scammers
SPF makes it harder for cybercriminals to send messages pretending to be from your domain (email spoofing). Specifying trusted mail servers with SPF helps to prevent fraudsters from using your domain for spam and phishing attacks.
Improve email deliverability
SPF helps ISPs and email platforms identify legitimate emails. So using SPF increases the chances of your messages being delivered instead of ending up in the spam folder.
Boost your domain reputation
The more your emails pass authentication checks like SPF, the more you improve your domain’s reputation with email platforms. So SPF can help improve your emails’ deliverability in the long run.
Easy SPF authentication with Proton Mail
If you have your own domain, we strongly recommend setting up SPF, together with DKIM and DMARC, to improve your email security and deliverability.
Get Proton Mail Plus for a single domain, or get Proton Unlimited with support for three domains, 15 addresses, 500 GB of storage, and unlimited hide-my-email aliases.