CipherTrust says it has incorporated “anti-spoofing and anti-phishing” protocol Sender Policy Framework (SPF) into the company’s IronMail appliance.

SPF is an anti-spoofing tool that compares the envelope sender domain against the client IP address before any message data is transmitted. Domains publish SPF records to announce the IP addresses of their outbound email servers.

As part of IronMail 4.0, the SPF domain registry is used as a data point in IronMail’s correlation engine, Enterprise Spam Profiler.

CipherTrust’s FirstAct service will provide the company’s customers with automatic updates from the SPF registry on an ongoing basis, as well as assistance in registering their more than 1500 domains with SPF.

In introducing email authentication standards into its product offering, CipherTrust says it is working with other members of the email ecosystem to define and deploy other email authentication protocols.

“Over the last few months, phishing scams have spoofed companies such as eBay, Citibank, and Bank of America,” said Paul Judge, CipherTrust’s chief technology officer. “In order to both protect our customers’ brands and help solve the global spam epidemic, CipherTrust is leading the email security and anti-spam industry by deploying techniques to authenticate the senders of good mail, and protocols like SPF are a critical component of this approach.”