Domain admins need to examine what mail servers are being used by their domain to deliver emails. They need to list down all the mail servers and sources that send emails on the domain’s behalf.
How to Create an SPF TXT Record?
What is an SPF Record?
An SPF record, also known as the SPF TXT record, is a DNS record similar to a DMARC record that is part of a domain’s DNS. It has a list of all the IP addresses that are allowed to send emails on the domain’s behalf. You can create your own SPF record by following the steps mentioned below.
For more information on an SPF record, click here.
Step 1: List IP addresses that are used to send emails
Step 2: List all sending domains
Domain admins must ensure that all domains under their ownership have SPF records published even if a few authorized domains are no longer used to send emails regularly.
Step 3: Create the SPF record
Follow the following steps to create your SPF record:
- An SPF record should always start with the version number v=spf1 (version 1). This tag defines the record as SPF.
- Add all IP addresses that are authorized to send an email on the domain’s behalf.
- For any third-party organization that sends emails on the domain’s behalf, you may use an ‘include’ tag, such as include:newdomain.com.
- You should end the record with an ‘all’ tag once all IP addresses have been implemented and include tags. The ‘all’ tag has the following basic types:
> -all: Servers that aren’t listed in the SPF record are not authorized to send emails, i.e, emails that fail will be rejected.
> ~all: If the email is received from a server that isn’t listed, the email will be marked as a soft fail, i.e emails will be accepted but marked.
> +all: It is not recommended to use this option as this tag allows any server to send emails from your domain.
Step 4: Publish the created SPF record into your DNS
The SPF record must be added to DNS. The organization can do this internallly or request the DNS provider to publish the record if the organization has access to the dashboard offered by the DNS provider. Follow these steps to access the DNS manager:
- Log in to your domain account
- Locate the page to update the domain’s DNS records
- Choose the domain records that you wish to change
- Open the DNS manager
- Log in to your domain account
- Create a new TXT record in the TXT (text) section
- Set the Host field to the name of your domain
- Fill your SPF record in the TXT Value field
- Specify the Time To Live (TTL) (Optional)
- Click ‘Save’ or ‘Add Record’ to publish the SPF TXT record into your DNS
Step 5: Test your SPF record
After setting up the SPF record, validate it using EmailAuth’s SPF record Checker.
You’ll be able to view what your recipients see. You can include one or more of your valid sending IP addresses if they aren’t mentioned.