How it works
- Choose the services or include mechanisms that send mail for the domain.
- Pick a fail policy, then copy the generated TXT record into your DNS provider.
- Check the result with the DNS checker after propagation.
SPF tells receivers which mail servers are allowed to send for a domain. This generator helps avoid duplicate records and overly loose defaults.
Sending sources
Select at least one sending source.
Examples
v=spf1 include:_spf.google.com include:sendgrid.net ~all
One SPF record lists known senders and uses a cautious softfail while monitoring.
v=spf1 +all
This authorizes every sender and removes SPF's value as an authentication signal.
Use the capacity calculator before provisioning many sending domains.
Validate the SPF record and lookup count after publishing.
Create a DMARC policy that can use SPF alignment.
Plan inbox count before creating DNS records at scale.
Follow the full domain, DNS, and authentication workflow behind the check.
No. Publish one TXT record that starts with `v=spf1`. Multiple SPF records commonly cause SPF permerror.
Not by default. Many teams start with softfail while verifying every legitimate sender, then tighten policy when evidence supports it.