📧 Email Deliverability
5 मिनट पढ़ें
SPF Records Guide
Embed This Widget
Add the script tag and a data attribute to embed this widget.
Embed via iframe for maximum compatibility.
<iframe src="https://ipfyi.com/iframe/guide/spf-records-guide/" width="420" height="400" frameborder="0" style="border:0;border-radius:10px;max-width:100%" loading="lazy"></iframe>Paste this URL in WordPress, Medium, or any oEmbed-compatible platform.
https://ipfyi.com/guide/spf-records-guide/Add a dynamic SVG badge to your README or docs.
[](https://ipfyi.com/guide/spf-records-guide/)Use the native HTML custom element.
Set up SPF records to authorize which servers can send email on behalf of your domain.
What Is SPF?
SPF (Sender Policy Framework) is a DNS-based email authentication method that specifies which mail servers are authorized to send email on behalf of your domain. It helps prevent email spoofing and improves deliverability.
How SPF Works
- You publish an SPF record in your domain's DNS
- When a receiving server gets an email from your domain, it checks the SPF record
- If the sending server's IP matches the SPF record, the email passes SPF
Sender: [email protected]
Sending Server: 198.51.100.5
DNS lookup: example.com TXT
SPF record: "v=spf1 ip4:198.51.100.0/24 -all"
Result: PASS ✓ (IP is in the allowed range)
SPF Record Syntax
An SPF record is a TXT record in DNS. It starts with v=spf1 and contains mechanisms:
v=spf1 ip4:198.51.100.0/24 include:_spf.google.com -all
│ │ │ │
│ │ │ └─ Fail everything else
│ │ └──────────────────────── Include Google's SPF
│ └───────────────────────────────────────────── Allow this IP range
└──────────────────────────────────────────────────── SPF version 1
Mechanisms
| Mechanism | Example | Description |
|---|---|---|
ip4 |
ip4:198.51.100.5 |
Allow specific IPv4 address or range |
ip6 |
ip6:2001:db8::/32 |
Allow specific IPv6 address or range |
include |
include:_spf.google.com |
Include another domain's SPF |
a |
a |
Allow the domain's A record IP |
mx |
mx |
Allow the domain's MX record IPs |
all |
-all |
Match everything (used at the end) |
Qualifiers
| Qualifier | Meaning | Result |
|---|---|---|
+ (default) |
Pass | Allow |
- |
Fail | Reject |
~ |
SoftFail | Accept but mark |
? |
Neutral | No policy |
Common Examples
Google Workspace Only
v=spf1 include:_spf.google.com -all
Google + Mailchimp
v=spf1 include:_spf.google.com include:servers.mcsv.net -all
Direct Server + Google
v=spf1 ip4:198.51.100.5 include:_spf.google.com -all
Common Mistakes
- Multiple SPF records — Only one TXT record with
v=spf1per domain - Using
+all— This allows anyone to send as your domain (defeats the purpose) - Too many DNS lookups — SPF has a 10 DNS lookup limit (include, a, mx each count)
- Forgetting third-party senders — Marketing tools, CRMs, and transactional email services need to be included