SPF Checker
Check SPF (Sender Policy Framework) records for email authentication. Also verify DKIM signatures and DMARC policies.
Enter your input above and click "Check" to see results.
SPF Checker FAQ
What is an SPF record?
SPF (Sender Policy Framework) is a DNS TXT record that lists which servers are allowed to send email for your domain. Receiving servers check it to reduce spoofing and improve deliverability.
Why is the SPF lookup limit 10?
RFC 7208 limits SPF evaluation to 10 DNS lookups (include:, a:, mx:, exists:, redirect:) to avoid slow or abusive checks. Exceeding the limit can cause receivers to reject or softfail your record.
Should I use ~all or -all?
Use -all (hard fail) when all legitimate senders are in your SPF—receivers will reject non-matching mail. Use ~all (softfail) only for testing; many receivers still accept or quarantine softfail.
Why does SPF fail even when record exists?
Common causes: the sending IP is not covered by your mechanisms, you have multiple SPF records (only the first is used), the record exceeds 10 lookups, or the receiving server uses a different DNS resolver with cached or different results.
How to fix multiple SPF records?
Merge all mechanisms into a single TXT record starting with v=spf1. Keep one include: per provider if needed, then end with -all or ~all. Remove any duplicate TXT records that start with v=spf1.