Free SPF Record Generator
Create a valid SPF record in seconds. Select your email providers, add any custom sending IPs, and copy your record straight into DNS.
Choose all the services that send email on behalf of your domain.
Add any additional IP addresses that send email for your domain.
What should happen to emails from unauthorized senders?
Already have SPF set up? Check your existing SPF record
What is SPF?
SPF (Sender Policy Framework) is an email authentication protocol that helps receiving mail servers verify that incoming email was sent from an authorized source. It works by publishing a DNS record that lists all the IP addresses and third-party services allowed to send email on behalf of your domain.
When someone receives an email claiming to be from your domain, their mail server looks up your SPF record and checks whether the sending server is on your authorized list. If it is not, the email can be rejected or marked as spam.
How SPF protects your domain
Prevents email spoofing
Without SPF, anyone can send emails that appear to come from your domain. Spammers and phishers exploit this to impersonate your brand. SPF makes it much harder for bad actors to send fraudulent emails using your domain name.
Improves deliverability
Gmail, Microsoft, Yahoo, and other major providers check SPF when deciding where to deliver your email. A properly configured SPF record is a positive trust signal that helps your emails reach the inbox instead of spam.
Required for bulk senders
Since February 2024, Google and Yahoo require SPF (along with DKIM and DMARC) for anyone sending more than 5,000 emails per day. Without it, your emails may be rejected outright.
Enables DMARC
DMARC (Domain-based Message Authentication) relies on SPF and DKIM to work. Without SPF in place, you cannot fully implement DMARC, which is the standard for email authentication.
Understanding SPF syntax
An SPF record starts with v=spf1 to identify it as an SPF record. After that, you list your authorized senders using mechanisms like:
include:domain.com- authorize a third-party service (like Google Workspace or SendGrid)ip4:192.0.2.1- authorize a specific IPv4 addressip6:2001:db8::1- authorize a specific IPv6 addressa- authorize the IP addresses in your domain's A recordmx- authorize the servers listed in your MX records
The record ends with an "all" mechanism that tells receivers what to do with unauthorized senders. Use ~all (soft fail) while testing, then switch to -all (hard fail) once you have confirmed all legitimate senders are included.
How to set up your SPF record
- Generate your SPF record using the tool above. Select all the services you use to send email and add any custom sending IPs.
- Copy the generated record including the full value starting with v=spf1.
- Add the TXT record to your domain's DNS settings. Log into your DNS provider (like Cloudflare, GoDaddy, or Namecheap) and create a new TXT record at the root (@) of your domain.
- Wait for propagation - DNS changes typically take 15-60 minutes, but can take up to 48 hours.
- Verify the setup using our SPF Lookup tool or Email Domain Checker to confirm the record is published correctly.
SPF, DKIM, and DMARC: the complete picture
SPF is one part of a three-layer email authentication system. SPF verifies the sending server is authorized. DKIM adds a cryptographic signature to prove the email was not altered. DMARC ties them together and tells receivers what to do when authentication fails.
For the best deliverability and security, you should have all three configured. Use our DKIM Generator to create your DKIM keys, and our DMARC Record Generator to create your DMARC policy.
Want to automate your email deliverability?
SendScale handles warm-up, authentication monitoring, and inbox placement so your emails actually land.
Try SendScale FreeFrequently Asked Questions
SPF (Sender Policy Framework) is a DNS TXT record that lists all the servers and IP addresses authorized to send email on behalf of your domain. When a receiving server gets an email claiming to be from your domain, it checks your SPF record to verify the sender is legitimate.