SPF (Sender Policy Framework)

SPF is a TXT record that lists which mail servers are allowed to send email for your domain. It is one of the core email authentication signals and is evaluated by many mail providers.

What SPF does

SPF helps prevent spoofing by authorizing senders. It uses mechanisms like include, ip4, and mx. You can validate your SPF with the SPF check tool and review the raw TXT value with the TXT lookup tool.

Common mistakes

• Publishing multiple SPF records for the same domain.
• Using +all, which effectively allows any sender.
• Exceeding the DNS lookup limit of 10 by chaining too many includes.
• Leaving out a sending service after a provider change.

How to check SPF online

Start with the Email DNS Check to see SPF alongside MX, DMARC, and DKIM. If SPF fails, review related policy guidance in the DMARC wiki and confirm TXT formatting in the TXT record guide.

Practical examples

• v=spf1 include:_spf.google.com -all
• v=spf1 ip4:203.0.113.10 include:spf.mailprovider.com ~all

Related records

SPF is often used with DMARC and TXT. If you rely on DKIM, verify the selector TXT record using the TXT lookup tool.