What does the SPF record define?

SPF lists the hosts and networks authorized to send email on behalf of a domain. Receivers use it to detect forged senders.

What does ~all versus -all mean?

The all mechanism sets the default policy: ~all is a soft fail (mark as suspicious) while -all is a hard fail (reject unauthorized senders).

Why does the SPF lookup limit matter?

SPF allows at most ten DNS-querying mechanisms during evaluation; exceeding this causes a permerror and the policy may be ignored.

SPF Check

Find and parse a domain's SPF record and its policy.

No results yet

Enter a domain above and press Run to start the check.

About the SPF Check

SPF Check finds and parses a domain's Sender Policy Framework record, published as a TXT record beginning with v=spf1. It breaks down the mechanisms and qualifiers, such as include, a, mx, ip4, and the all policy, so you can see exactly which servers are authorized to send mail for the domain. Correct SPF helps prevent spoofing and improves the chances that legitimate mail reaches the inbox.

How to use

Enter the domain whose SPF policy you want to review.
Run the check to locate and parse the v=spf1 TXT record.
Inspect the listed mechanisms and the final all qualifier.

Frequently asked questions

What does the SPF record define?: SPF lists the hosts and networks authorized to send email on behalf of a domain. Receivers use it to detect forged senders.
What does ~all versus -all mean?: The all mechanism sets the default policy: ~all is a soft fail (mark as suspicious) while -all is a hard fail (reject unauthorized senders).
Why does the SPF lookup limit matter?: SPF allows at most ten DNS-querying mechanisms during evaluation; exceeding this causes a permerror and the policy may be ignored.

About the SPF Check

How to use

Frequently asked questions

Related Email tools