Email SPF Policy Checker

Check SPF (Sender Policy Framework) records for email authentication and deliverability. Analyze which servers are authorized to send email for your domain and assess delivery risk.

SPF Examples

SPF Policy Check

Domain Name

Understanding SPF for Email

SPF Mechanisms

ip4/ip6: Authorize specific IP addresses or networks

a/mx: Authorize servers from A or MX records

include: Include another domain's SPF policy

all: Final policy decision (+pass, ~soft fail, -hard fail)

Email Deliverability

Hard Fail (-all): Best security, blocks unauthorized senders
Soft Fail (~all): Marks suspicious, doesn't block delivery
No SPF: High spoofing risk, may affect deliverability
Too many lookups: Can cause delivery failures

Best Practices

Use -all for hard fail when possible
Keep DNS lookups under 10 (preferably under 5)
Test SPF changes before deployment
Monitor email delivery after SPF changes

Common SPF Examples

v=spf1 include:_spf.google.com ~all Use Google Workspace with soft fail

v=spf1 ip4:192.168.1.1 -all Only allow specific IP with hard fail

v=spf1 a mx -all Allow A and MX record servers with hard fail

NetoStack

Email SPF Policy Checker

SPF Examples

gmail.com

outlook.com

salesforce.com

mailchimp.com

github.com

sendgrid.com