SPF (Sender Policy Framework) is a sender authentication method. It tells the receiving mail server whether the sending mail server is allowed to send e-mails with the domain (user@example.com) of the sender email address.

The sender email address is typically the From-Header or Sender-Header. (I recommend using the From-Header exclusively to get the highest chance of delivery)

TXT Record

If you send your e-mails directly over your own mail server (e.g. mailenable) a txt record could look like this.

v=spf1 +a +mx -all

If you send your e-mails over a smart host / relay (mailchannels, sendgrid, mailgun, etc.) service a txt record could look like this.

TXT  your-domain.com  v=spf1 +include:relay.mailchannels.net -all

The meaning of "+, -, ~, ?" prefixes

  • + Pass - authorized (default value, can be omitted)
  • - Fail - NOT authorized
  • ~ Softfail - NOT authorized but treated generous
  • ? Neutral - treated like not defined

To specify the mail server(s) of a domain we can set the following parameters.

  • +a (resolve and include the the IP of the current, owning A-Record)
  • +mx (resolve and include the the IP of the current, owning MX-Record)
  • +ip4 (include specified IPv4 address)
  • +ip6 (include specified IPv6 address)
  • +include (e.g. _spf.google.com, include an additional SPF)
  • -all (exclude everything else)


Check your SPF txt record