Creating an SPF record

By adding an SPF record to your domain, you can control the ability of where and who can send out mail from your domain name and lessen the odds of your emails being flagged as spam by other mail servers.

What is an SPF record? 

An SPF record lists all authorized IP addresses and/or hostnames permitted to send emails on behalf of the domain name. To put it simply, an SPF Record is simply a TXT record added to your domain's DNS. The details of the record must be exact to function properly.

Note: Hover's DNS panel has a character limit of 255. This means the SPF record will need to be shorter than 255 characters.

An SPF record needs to have the hostname as @. The value is what differentiates an SPF record from other TXT records. Here is an example of an SPF record that our customers frequently use:

v=spf1 include:_spf.hostedemail.com include:hover.com ~all

 

Different parts of an SPF record

 v=spf1
  • Defines this as an SPF record.
  • Required to be at the beginning of the value for each SPF record.
 a
  • Allows a mail server at the IP address defined in the A record in the DNS panel to send emails.
 mx
  • Allows the mail server defined in the MX record in the DNS panel to send emails.
 -all
  • Specifies that all emails sent through a different server than those already listed as "ok" will return a code of “hard fail.” The email will NOT be delivered and generate a bounce-back email.


If you want to force a “soft fail” instead, which allows the email sent through the different mail server to be delivered, change the -all to ~all. With the ~all in place, the email will be tagged as suspicious but will still be delivered to the recipient.

Adding/Removing an SPF record

  1. Sign in to your Hover Control Panel.

    ControlPanel.png

  2. From the Domain's Overview page, click on the DNS section.

    ClickDNS.png

  3. From the DNS section, click on Add a record.

    ClickAddRecord.png
  4. Select TXT from the dropdown menu. 

    TXT.png

SPF configuration examples

Specify a single IPv4 address that can send emails

v=spf1 ip4:204.200.197.197 -all

  • This would allow mail to be sent from a mail server at the IP address 204.200.197.197 only. 

  • Mail sent from mail servers on any other IP address would not be delivered, and the sender would receive a bounceback.

Specify a range of IPv4 addresses that can send emails

 v=spf1 ip4:192.168.0.1/16 -all

  • Allows mail to be sent from any IP address between 192.168.0.1 and 192.168.255.255.
Specify a mail server that can send

v=spf1 mx:mx1.domain.com  -all

  • Would allow mail to be sent from a mail server named mx1.domain.com. Mail from any other mail server would not be delivered, and the sender would receive a bounce message.
Specify multiple items in one SPF record

v=spf1 a mx ip4:204.200.197.197 mx:mx1.domain.com  -all

  • Allows an IP address and a mail server to send out emails.
Make domain unable to send any emails

v=spf1 -all

  • All emails will be bounced back to the sender.
Specify a single IPv6 address that can send

v=spf1 ip6:1080::8:800:200C:417A -all

 

  • Would allow mail to be sent from a mail server at the IP address 1080::8:800:200C:417A only. 
Specify a range of IPv6 addresses that can send

v=spf1 ip6:1080::8:800:200C:417A/96 -all

 

  • Allows mail to be sent from any IPv6 address between 1080::8:800:0000:0000 and 1080::8:800:FFFF:FFFF.
Specify another domain that can send email from the domain

v=spf1 include:anotherdomain.com  -all

  • Allows mail to be sent from another specific domain on behalf of the domain, for example, anotherdomain.com, which has this SPF record in its DNS records.

    Note: For this to work, anotherdomain.com must have a valid SPF record in its own DNS records.

Back to top

Was this article helpful?

Still need some help? Submit a Request.