SPF (Sender Policy Framework) is a DNS TXT record where the domain owner declares which IPs are allowed to send email on their behalf. Example: "v=spf1 include:_spf.google.com ~all". Receiving mail servers check SPF and flag letters as spam on mismatch. Protects against email spoofing and phishing.
Free online tool — email check checker: instant results, no signup.
SPF (Sender Policy Framework) is a DNS TXT record where the domain owner declares which IPs are allowed to send email on their behalf. Example: "v=spf1 include:_spf.google.com ~all". Receiving mail servers check SPF and flag letters as spam on mismatch. Protects against email spoofing and phishing.
The syntax of an SPF record is crucial for its proper functioning. An SPF record is typically defined as a single line of text in the DNS zone file of your domain. It begins with the version identifier, followed by mechanisms and modifiers. The basic syntax is as follows:
v=spf1 [mechanisms] [modifiers] Here's a breakdown of the components:
spf1 is valid.ip4:: Allows a specific IPv4 address.ip6:: Allows a specific IPv6 address.include:: Allows the IPs specified by another domain's SPF record.all: Matches any sender. Often used as the last mechanism.exp=: Specifies a custom error message.redirect=: Redirects to another domain's SPF record.For example, an SPF record might look like this:
v=spf1 ip4:192.0.2.0/24 include:_spf.example.com -all This record allows emails from the specified IP range and any IPs listed in _spf.example.com, while rejecting all others.
Misconfiguring your SPF record can lead to significant issues, including email delivery failures and increased vulnerability to spoofing. Here are some common misconfigurations to be aware of:
include mechanisms or uses the redirect modifier, you may exceed this limit, causing legitimate emails to be marked as invalid.all mechanism should be used wisely. For example, using ~all (soft fail) instead of -all (hard fail) can allow some unauthorized senders, which may increase the risk of spoofing.To troubleshoot SPF issues, use online SPF validators that can help analyze your record and highlight potential problems. Regularly review and update your SPF record to adapt to changes in your email sending infrastructure.
Configuring an SPF record involves editing your domain's DNS settings. Below is a step-by-step guide to creating an SPF record:
192.0.2.1 and use mailchimp.com for marketing emails, your record might look like this:v=spf1 ip4:192.0.2.1 include:servers.mcsv.net -all v=spf1 ip4:192.0.2.1 include:servers.mcsv.net -all).By following these steps, you can effectively configure an SPF record that helps protect your domain from email spoofing and improves email deliverability.
Proper SPF, DKIM, and DMARC configuration directly impacts email deliverability. Without these records, your emails land in spam or are rejected before delivery.
SPF record correctness: syntax, allowed server list, fail mechanism.
Presence and validity of DKIM signature for the specified selector.
DMARC record parsing: policy, rua/ruf reports, SPF and DKIM alignment.
Numerical delivery readiness score with improvement recommendations.
mailing list verification
registration validation
CRM contact check
mail delivery troubleshooting
?all means "neutral" — that's not protection. Use -all.p=none only collects reports. Move to p=quarantine or p=reject.rua=mailto:dmarc@yourdomain.com — receive weekly aggregate reports.Email check history and API keys for service integration.
Sign up freeIf you work with web infrastructure or APIs, almost certainly yes. See the article above for specific use cases.
Free plan — 10 monitors, checks every 5 min, no card required. Upgrade for 1-minute interval and multi-region monitoring.