SPF Record Checker & Validator

Free tool to check and validate your SPF (Sender Policy Framework) records. Ensure proper email authentication and compliance with RFC 7208 standards.

Check Your SPF Record

About SPF Records

SPF (Sender Policy Framework) is an email authentication method defined in RFC 7208 that allows domain owners to specify which mail servers are authorized to send email on behalf of their domain.

Key SPF Components:

  • v=spf1: SPF version identifier
  • include: Include another domain's SPF record
  • a: Authorize domain's A record IPs
  • mx: Authorize domain's MX record IPs
  • ip4/ip6: Authorize specific IP addresses
  • all: Default action (+all, ~all, -all)

SPF Qualifiers:

  • +: Pass (default, usually omitted)
  • -: Fail (hard fail)
  • ~: Soft fail (recommended)
  • ?: Neutral

Common SPF Examples

Google Workspace:

v=spf1 include:_spf.google.com ~all

Microsoft 365:

v=spf1 include:spf.protection.outlook.com ~all

Multiple Providers:

v=spf1 include:_spf.google.com include:mailgun.org include:_spf.salesforce.com ~all

With IP Addresses:

v=spf1 ip4:192.168.1.1 include:_spf.google.com ~all

SPF Best Practices

  • Keep DNS lookups under 10 to avoid validation failures
  • Use ~all (soft fail) instead of -all (hard fail) initially
  • Test changes thoroughly before implementing
  • Monitor DMARC reports to verify SPF alignment
  • Remove unused include mechanisms
  • Use ip4/ip6 for static IP addresses when possible
  • Implement SPF gradually with monitoring