GFI MailEssentials 10.1 Supports the Sender Policy Framework (SPF)

As most of today’s spammers spoof email addresses, it is important to be able to check whether an email is genuine or if it has been sent from a forged sending address. This can be done via the Sender Policy Framework (SPF), which allows users to test whether a particular email originates from its claimed source. GFI MailEssentials is one of the first commercial anti-spam solutions to support this framework. Its new SPF module automatically checks whether the mail from a particular company was actually sent by its registered mail servers.

Sender Policy Framework fights email address forgery and makes it easier to identify spams, worms, and viruses. This is how it is done in a nutshell. Recipient of an email checks the sender's envelope if the sender's IP address matches the sender's domain. If there is a mismatch, the email is considered forged. The matching technique is accomplished by performing a reverse DNS lookup on the domain.

Because of this, the machine running MailEssentials/SPF needs to be the first server that receives emails from the internet. If inbound emails arriving to the server are being relayed through another server, then the SPF checks will fail because the IP address that SPF sees is the one of the relay and not of the sender.

More Info:
http://www.microsoft.com/mscorp/twc/privacy/spam_senderid.mspx http://spf.pobox.com

List of early adopters of Sender Policy Framework
Better known domains adopting SPF e.g. symantec.com, mcafee.com, redhat.com, aol.com, altavista.com, amazon.com, google.com, perl.org, earthlink.net, freebsd.org, gnu.org, linux.org, oreilly.com, spamhaus.org, ticketmaster.com, w3.org, boeing.com, dell.com, debian.org, hotmail.com, hp.com, nai.com, paypal.com, yahoo.com, ibm.com, intel.com, ebay.com etc.

Link to current Sender Policy Framework adoption rate
http://spftools.infinitepenguins.net/register.php

Sources: KBID002159