SPF
Every email term you need to master email marketing and email deliverability, explained clearly and simply.
Email Authentication
Definition
SPF (Sender Policy Framework) is an email authentication protocol that allows domain owners to specify which mail servers are authorized to send emails on behalf of their domain. Receiving servers check SPF records to verify that incoming emails come from authorized sources.
Why SPF Matters
SPF helps prevent email spoofing, where attackers send emails pretending to be from your domain. Without SPF, anyone can forge your email address and send malicious emails that appear to come from you. SPF is essential for protecting your brand reputation and ensuring your legitimate emails reach recipients.
How SPF Works
When you send an email, the receiving server looks up your domain's SPF record in DNS. This record contains a list of IP addresses and servers authorized to send mail for your domain. If the sending server's IP matches the SPF record, the email passes SPF authentication. If not, it may be marked as suspicious or rejected.
SPF Best Practices
Include all IP addresses and services that send email for your domain
Use the ~all or -all mechanism to specify how to handle unauthorized senders
Keep your SPF record under the 10 DNS lookup limit
Update SPF records when adding new email services or ESPs
Combine SPF with DKIM and DMARC for complete authentication
Frequently Asked Questions
What is an SPF record?
An SPF record is a TXT record in your domain's DNS that lists all servers authorized to send email for your domain. It typically looks like: v=spf1 include:_spf.google.com ~all
What does SPF ~all vs -all mean?
~all (softfail) means unauthorized emails should be marked as suspicious but still delivered. -all (hardfail) means unauthorized emails should be rejected. Start with ~all and move to -all once you've confirmed all legitimate senders are included.
Related Terms
Related Articles
Ready to Verify Your Emails?
Start using BillionVerify today. Verify emails with 99.9% accuracy.
99.9% SMTP-level accuracy · Real-time API & bulk verification · 5-minute setup