Here's a quick peek at some new data -- and it surprised me! Of the top ten million domains, only about half of them publish SPF records. I'm not even talking about SPF records proven valid; just counting anything with v=spf1 in a DNS TXT record at the topmost (apex) level for a domain name.
Why would you not publish an SPF record? Well, probably because you think that you don't have to, if you don't plan to use that domain for email. But, along with a DMARC record, that SPF record can be an essential part of telling the world that this domain is not being used for email, and can help ensure that you're doing everything possible to discourage spoofing of that domain.
But, we have to keep this in mind: SPF adoption here is broader than DMARC adoption. DMARC adoption in the top 10 million is at around 20%, but here, SPF adoption is just over 50%. I guess that's good; that means there are three million-ish domains managed by folks who have not yet partnered with a DMARC vendor (or conquered DMARC on their own) who at least have begun some first step on an email authentication journey. I think that's a positive spin to put on it, and I think that's a good place to end today's post.
Here's the data in plain text. SPF records in the top ten million domains:
Jun 2023: 4560988 (45.61% of 10 mil)
Jul 2023: 5288720 (52.89% of 10 mil)
Aug 2023: 5276065 (52.76% of 10 mil)
Sep 2023: 4838931 (48.39% of 10 mil)
Oct 2023: 4921770 (49.22% of 10 mil)
Nov 2023: 4912642 (49.13% of 10 mil)
Dec 2023: 4882805 (48.83% of 10 mil)
Jan 2024: 5335259 (53.35% of 10 mil)
Feb 2024: 5369784 (53.70% of 10 mil)
Mar 2024: 5135918 (51.36% of 10 mil)
Apr 2024: 5107324 (51.07% of 10 mil)
May 2024: 5100351 (51.00% of 10 mil)
Jun 2024: 5090579 (50.91% of 10 mil)
Jul 2024: 5068426 (50.68% of 10 mil)
Aug 2024: 5052588 (50.53% of 10 mil)
What say you? Does this data draw you to come up with your own, differing analysis? As always, I welcome your feedback.
Here's a quick peek at some new data -- and it surprised me! Of the top ten million domains, only about half of them publish SPF records. I'm not even talking about SPF records proven valid; just counting anything with v=spf1 in a DNS TXT record at the topmost (apex) level for a domain name.
Why would you not publish an SPF record? Well, probably because you think that you don't have to, if you don't plan to use that domain for email. But, along with a DMARC record, that SPF record can be an essential part of telling the world that this domain is not being used for email, and can help ensure that you're doing everything possible to discourage spoofing of that domain.
But, we have to keep this in mind: SPF adoption here is broader than DMARC adoption. DMARC adoption in the top 10 million is at around 20%, but here, SPF adoption is just over 50%. I guess that's good; that means there are three million-ish domains managed by folks who have not yet partnered with a DMARC vendor (or conquered DMARC on their own) who at least have begun some first step on an email authentication journey. I think that's a positive spin to put on it, and I think that's a good place to end today's post.
Here's the data in plain text. SPF records in the top ten million domains:
Comments
Post a Comment
Comments policy: Al is always right. Kidding, mostly. Be polite, please and thank you.