SPF Record Checker
Look up any domain's SPF record, validate the syntax, and count DNS lookups — free, no signup.
What is SPF?
SPF, or Sender Policy Framework, is an email authentication method that prevents sender address forgery by specifying which mail servers are permitted to send emails on behalf of a domain. It's implemented by adding an SPF record to the domain's DNS records, which lists authorized sending IP addresses. Email receivers can then verify if incoming emails originate from the listed servers, reducing spam and phishing.
Email authentication knowledge base
The building blocks of an SPF record explained.
- v
- The version tag must exclusively be “spf1”. Incorrect or missing versions result in the SPF record being disregarded.
- ip4
- This tag lists IPv4 addresses authorized to send emails for the domain.
- ip6
- This tag specifies IPv6 addresses permitted to email on the domain’s behalf.
- a
- The A record tag permits sender validation via the domain’s IP address, defaulting to the current domain if unspecified.
- mx
- The MX record tag validates the mail server’s MX record, defaulting to the current domain if not specified.
- ptr
- The PTR tag initiates a PTR check for client IP hostnames, advised against in RFC 7208 due to excessive DNS lookups.
- exists
- The exists tag verifies the presence of an A record on the specified domain.
- include
- The include tag is crucial for accurate SPF records, confirming all listed domains/subdomains as legitimate sending sources to recipients.
- all
- The all tag is mandatory, positioned at the SPF record’s end, guiding recipients on handling emails from unauthorized sources based on its qualifiers (~, +, -, ?).