SPF Checker (analysis)

Analyze and validate SPF records for any domain

SPF Generator

Build your SPF record step by step with guided options

Basic Policy

Default Policy *

Soft Fail (~all)
Mark unauthorized emails as suspicious but allow delivery. Recommended for most domains.

Fail (-all)
Reject unauthorized emails completely. Use only when you are confident about your setup.

Neutral (?all)
No policy specified. Not recommended for production use.

Pass (+all)
Allow all emails. Defeats the purpose of SPF - not recommended.

Recommendation: Use Soft Fail (~all) for most domains. It provides protection while being forgiving of configuration issues.

Authorized Email Sources

Domain A/AAAA records (a)
Allow the domain itself to send emails

MX records (mx)
Allow mail servers listed in MX records to send emails

Additional Domains (a: mechanism) Domains allowed to send emails for you. One per line. "a:" will be added automatically.

IPv4 Addresses IPv4 addresses or CIDR ranges. One per line.

IPv6 Addresses IPv6 addresses or CIDR ranges. One per line.

Include External SPF Records External SPF records to include. Common services: Google (_spf.google.com), Microsoft (spf.protection.outlook.com), Salesforce (_spf.salesforce.com). One per line.

Expert zone: These settings are for advanced users who understand SPF mechanisms. Most domains can skip this section.

Exists Mechanisms (exists) Advanced DNS-based validation. Use only if you understand SPF macros.

Custom Mechanisms Custom SPF mechanisms. Advanced users only.

SPF Record Editor

Name/Label/Host

Record Type

TTL

SPF Record Value: Enter or edit SPF record to validate its syntax

Evaluated parameter	Rating	Score	Description
Total Score	0/100	Not Evaluated

SPF

SPF defines which servers may send emails for your domain. It helps prevent spoofing and improves deliverability.

SPF Checker (analysis)

SPF Generator

Basic Policy

Authorized Email Sources

Advanced Options (for experts - usually not needed)

SPF Record Editor

Detailed Scoring 0/100

SPF