What is an SPF record?

An SPF (Sender Policy Framework) record is a DNS TXT record that specifies which mail servers are authorised to send email on behalf of your domain.

Why should I have an SPF record?

SPF helps prevent email spoofing and phishing. Without an SPF record, attackers can send email pretending to be from your domain.

SPF Record Checker

Enter a domain to look up and validate its SPF TXT record.

Domain Name

Server processing — your query is handled securely on our servers.

How to use SPF Record Checker

The SPF Check tool looks up a domain’s Sender Policy Framework record and parses it so you can see exactly which servers are authorised to send email on its behalf. SPF is a TXT record that receiving mail servers consult to decide whether a message’s sending server is legitimate; a missing, malformed or overly permissive SPF record is a leading cause of mail landing in spam or being spoofed. Use this tool to confirm your provider’s includes are present, to count DNS lookups against SPF’s strict limit, and to spot syntax errors before they hurt deliverability.

Enter the domain whose SPF record you want to validate.
Click Check to fetch and parse the published SPF TXT record.
Review each mechanism (include, a, mx, ip4, ip6) and the final qualifier.
Confirm the lookup count stays within the 10-lookup SPF limit.
Fix any errors at your DNS host and re-check to verify.

Anatomy of an SPF record

An SPF record begins with v=spf1 and lists mechanisms that authorise senders, ending with an all mechanism that sets the default. Each mechanism can authorise a specific IP range (ip4, ip6), the domain’s own A or MX hosts, or another domain’s policy via include. The qualifier before all decides what happens to mail from unlisted servers: ~all (softfail) marks it suspicious, while -all (hardfail) rejects it outright. Choosing -all is stronger but requires that every legitimate sender is listed first.

SPF qualifiers on the all mechanism
Syntax	Meaning	Effect on unlisted senders
+all	Pass	Allows everyone — never use
~all	Softfail	Accept but mark suspicious
-all	Hardfail	Reject the message
?all	Neutral	No policy stated

The ten-lookup limit

SPF evaluation is capped at ten DNS lookups; if your record’s includes and mechanisms exceed that, receivers return a permerror and may treat all your mail as unauthenticated. Each include, a, mx, ptr and redirect counts toward the limit, and nested includes count too. Large organisations using several email vendors hit this ceiling easily. The fix is to flatten or consolidate includes, remove unused vendors, or use a provider that publishes a compact record. This tool surfaces the lookup count so you can catch the problem early.

Glossary

SPF: Sender Policy Framework — a TXT record listing servers authorised to send a domain’s mail.
Mechanism: A term in an SPF record (include, ip4, a, mx) that authorises certain senders.
Softfail: The ~all result that accepts unlisted mail but flags it as suspicious.
Hardfail: The -all result that instructs receivers to reject unlisted mail.
Permerror: A permanent SPF error, commonly caused by exceeding the ten-lookup limit.

Frequently Asked Questions

Free · No spam

Get weekly tool tips & updates

New tools, power-user tips, and productivity hacks — delivered free every Friday.

No spam, ever. Unsubscribe with one click.

Why use SPF Record Checker?

Real-time DNS lookups using live resolver queries
Supports IPv4 and IPv6 addresses
No software to install — runs entirely in the browser
Results include TTL values and record priority

Common use cases

Verify DNS propagation after updating nameservers
Check MX records when troubleshooting email delivery
Look up SPF/DKIM/DMARC records for email security audits
Test whether a SSL certificate is valid and up to date
Find the IP address behind a domain name

Related Network & DNS

DMARC Record Checker

Check the DMARC policy for any domain. Validate p=reject, p=quarantine, or p=none and review your alignment and reporting settings instantly.

MX Record Lookup

Look up MX (Mail Exchanger) records for any domain. Find which mail servers handle email delivery and check their priority order instantly.

SPF Record Generator

Generate SPF DNS TXT records for your domain. Support for Google Workspace, Microsoft 365, SendGrid, Mailchimp, custom IPs and includes.

DNS Lookup Tool

Look up DNS records for any domain — A, AAAA, MX, NS, TXT, CNAME, SOA, and CAA records. Free, instant results pulled from authoritative nameservers.

DNS Propagation Checker

Check if your DNS changes have propagated worldwide. Test A, MX, and NS records across 8 global DNS servers to confirm updates are live everywhere.

What Is My IP Address?

Instantly find your public IP address. Shows your IPv4 address as seen by websites and servers, plus quick details about your connection.

Explore all Network & DNS.