skip to Main Content

Set up SPF

  • Updated on June 27, 2022

SPF (Sender Policy Framework) is used to restrict which mail servers are allowed to send email for your domain name. This framework is designed to detect and block email spoofing by providing a mechanism to allow receiving mail exchangers to verify that incoming mail from a domain comes from an IP Address authorized by that domain’s administrators. The list of authorized sending hosts and IP addresses for a domain is published in the DNS records in the form of an SPF record which is a specially formatted TEXT record.

Existing SPF record

If you have an existing SPF record, ensure the following is added:

New SPF record

If you do not have an SPF record, you need to add a TXT record:

v=spf1 -all

The SPF record must contain each of these sections:

  • v=spf1: this is the version of the SPF record
  • this allows use of the SpamBull server SPF record
  • -all: this means to exclude everything else (cause a hard fail)

Suppose you have a contact form on the website (which is a server) and other servers that need to send on behalf of your domain, you have to add them as a mechanism to the SPF record.

An example how the SPF record will look like:

v=spf1 a -all

Publish SPF record

Publish the TXT record to the authoritative DNS server for your domain. Instructions on how you can do this will differ from each domain provider. For assistance, please get in touch with your domain provider.

An example of the SPF record in the domain’s public DNS:

Verify SPF record

For SPF authentication to pass, all these conditions must be met:

  • You have exactly 1 SPF record on your domain
  • The record’s syntax is correct
  • The total number of DNS lookups can’t exceed 10

An excellent way to verify the SPF record is to use MxToolBox and fill in the domain.

You successfully configured the SPF record.