1.Determine your SPF Policy:Decide which servers are allowed to send emails on behalf of your domain. This could include your own mail servers, third-party email marketing services, etc.2.Create the SPF Record:SPF records are added as a TXT record in your domain’s DNS settings. Here’s the general format of an SPF record:
v=spf1: Indicates the start of the SPF record.
[mechanisms]: This is where you list the mechanisms that define who is allowed to send email on behalf of your domain. Common mechanisms include:
ip4: Specifies IPv4 addresses allowed to send email.
ip6: Specifies IPv6 addresses allowed to send email.
a: Allows the specified domain’s A record IP addresses to send email.
include: Refers to the SPF record of another domain, allowing its authorized servers to send email.
mx: Allows the MX record IP addresses (mail servers) to send email.
ptr: Validates the domain in the PTR record of the sending server’s IP address.
-all: Specifies a strict policy that indicates that any server not matching the specified mechanisms should not send email on behalf of the domain. This is recommended for added security.
Example SPF Records:
Here are a few examples of SPF records with different configurations:
Allowing only your own mail server to send emails:
makefileCopy codev=spf1 ip4:220.127.116.11 -allAllowing your mail server and Google Workspace (formerly G Suite) servers:
makefileCopy codev=spf1 ip4:18.104.22.168 include:_spf.google.com -allAllowing your mail server and a third-party service:
makefileCopy codev=spf1 ip4:22.214.171.124 include:third-party.com -allAdd the SPF Record to DNS:Access your domain’s DNS management interface (usually provided by your domain registrar or DNS hosting provider). Create a new TXT record with your domain as the host and the SPF record as the value.
Check SPF Record Validity:After adding the SPF record, give it some time to propagate across the DNS system. You can then test your SPF record using various online SPF validators to ensure that it’s correctly configured.
Remember that modifying DNS records can impact email deliverability, so be sure to double-check your SPF record’s syntax and configuration before making changes. Additionally, SPF records have a limit to the number of DNS lookups they can include, so be cautious about including too many domains in your SPF record.