Design & Development, Email, How To, Tutorials

All About SPF Records


Tweet about this on TwitterShare on FacebookShare on LinkedInEmail this to someone

SPF records list the authorized sending hosts for a particular domain name. A receiving mail client can then check that incoming mail comes from a host authorized to be sending mail from a particular domain. This allows mail clients to check that an e-mail’s sender address isn’t being spoofed.

As a sender of legitimate e-mail, you can use SPF records for your domains to help prevent the e-mail you send from being flagged as spam or a phishing attempt.

A text record will look something like the following:

@ IN TXT "v=spf1 a a:subdomain.example.com ip4:12.34.5.6 ip4:65.43.2.1 ~all"

v=spf1 starts the record and indicates that the record is an SPF record.

~all ends the record and specifies what to do with an email that fails an SPF check.

~all indicates that the e-mail will be marked as failed, but still delivered.
You can also end the record with -all to reject mail that fails the check, or +all to accept the mail regardless of the check.

The rest of the record consists of a list of servers that are authorized to send e-mail from the domain name. There are a variety of ways that entries can be listed, as follows:

a the domain name itself

a:HOSTNAME another hostname

mx the mx record for the domain name itself

mx:example.com the mxrecord for another domain name

ip4:12.34.5.6 an IP address

ip6:12.34.5.6 an IPv6 address

include:example.com also include the TXT record for another domain name

Both TXT records and SPF records can be used; different systems will check for SPF information in different records. We recommend using both in order to ensure that any system can check the SPF record. If you are using both TXT records and SPF records for SPF information, both records must be identical.

pair Networks’ customers can add SPF records for their domains using the Account Control Center. First, access the Custom DNS interface in the ACC, as follows:

  • Log in to your Account Control Center
  • Select Manage Your Domain Names under the Domains menu.
  • Select the domain name you’d prefer to work on.
  • Select Manage Custom DNS Records
  • Select Add New Custom DNS Records
  • Change type of record to TXT and SPF, then click Proceed

More information on SPF record syntax, and the implications of using SPF records, can be found on the SPF Project website:

http://www.openspf.org/SPF_Record_Syntax