Glossary
Email

SPF (Sender Policy Framework)

An email authentication method that specifies which servers can send email from your domain.

SPF is a DNS TXT record that lists all servers authorized to send email on behalf of your domain. It helps prevent email spoofing and improves deliverability.

How SPF Works:

  1. You publish authorized senders in a TXT record
  2. Someone sends email claiming to be from your domain
  3. Receiving server checks your SPF record
  4. If sender's IP isn't authorized, email may be marked as spam

SPF Record Syntax:

v=spf1 [mechanisms] [qualifier]all

Key Mechanisms:

  • include: - Authorize another domain's SPF
  • ip4: - Authorize specific IPv4 address
  • ip6: - Authorize specific IPv6 address
  • a - Authorize your domain's A record IPs
  • mx - Authorize your MX server IPs

Qualifiers:

  • ~all (softfail) - Not authorized, but accept anyway
  • -all (fail) - Reject unauthorized senders
  • ?all (neutral) - No statement about authorization

Common SPF Examples:

Google Workspace:

v=spf1 include:_spf.google.com ~all

Multiple services:

v=spf1 include:_spf.google.com include:sendgrid.net ~all

Important Rule: Only ONE SPF record per domain. Combine all includes into a single record.

Why It Matters

SPF prevents others from sending spam that appears to come from your domain. It also improves your legitimate email's deliverability by proving you're an authorized sender.

Practical Example

You use Google Workspace for email and SendGrid for marketing emails. Your SPF record includes both: v=spf1 include:_spf.google.com include:sendgrid.net ~all

Related Terms

DKIM (DomainKeys Identified Mail)

Email

An email authentication method that adds a digital signature to verify message authenticity.

DMARC (Domain-based Message Authentication)

Email

An email protocol that builds on SPF and DKIM to prevent email spoofing.

Explore More Terms

Browse our complete glossary of domain name terminology.

View GlossaryDomain Generator