Login
    Contents x
    Understanding SPF Records
    • 08 Feb 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    Contents

    Understanding SPF Records

    • Updated on 08 Feb 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    Article summary

    SPF, "Sender Policy Framework", is a mechanism used to fight spam email messages, by allowing domain owners to specify which sources of email should be considered a valid source of email for that domain name. Mail server operators rely on SPF to decide whether an incoming mail message should be accepted or rejected based on its origin.
    Through creating a DNS record, the SPF record for a domain name announces to receiving mail servers "these records are trusted sources of email from my organisation." Thus, when sending email, you would want to create an SPF record for your domain name and have it be accurate in order to improve the deliverability of your mail messages.

    Below would be considered a minimum requirement for an SPF record:

    TXT " v=spf1 +a +mx ~all "

    An SPF record is processed from left to right, so to understand what is happening here, there are a few common operators:
    a this operator permits the "A record" of the domain name to be a valid sender of this domain
    mx this operator permits the "MX record" of the domain name to be a valid sender of this domain
    all this operator, sometimes written as ~all or ?all advises the receiving mail server how to handle the request if mail comes from a source that is not specified in the SPF record

    ~all is SOFTFAIL (accept anything but apply further scrutiny to origins outside of specified)
    -all is FAIL (reject anything that isn't specified in the SPF)
    ?all is NEUTRAL (mail outside of the SPF record is not qualified as good or bad)
    +all is ALLOW ALL (anything can send mail on behalf of this domain, this should never be used)

    include specifies the inclusion of SPF records from a third party, such as google mail or a mail relaying service like MailChimp ( e.g. include:_spf.google.com ). These records should be stipulated by the third party.

    Things to Note

    • Using an SPF record doesn't guarantee mail delivery, just reduces your chances of being rejected or considered a spam sender
    • Incorrect or broken SPF records will lead to rejections, always validate records before applying them (http://www.kitterman.com/spf/validate.html )
    • Some Mail servers require you to have an SPF record, some don't care at all.
    • cPanel servers have built in scripts for enabling SPF globally
    • You can use online tools such as https://mxtoolbox.com/SPFRecordGenerator.aspx to generate SPF records
    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Eddy AI, facilitating knowledge discovery through conversational intelligence