How to generate a SPF (sender policy framework) dns record


The spf record is an e-mail sender verification dns record. It is a txt record, in which you define who is an authorized e-mail sender for a particular domain. Here is a valid spf record for

DNS zone for

Source:            TTL:       Type:  Value: 14400 IN TXT  "v=spf1 mx a ptr ip4: ~all"


* The spf record type is txt and it needs to start with v=spf1.

* If you want to add the mx record of the domain as a valid sender just add “mx” in the Value field.

* In case the A record for the domain is going to be also a valid sender please add just “a”.

* To allow any hostname ending in to send email for add “ptr” in the value field.

* To define another IP as a valid sender, please type “ip4” for version 4 Ips followed by “:” and the actual IP – ip4:

* If you want to add another server name as a valid sender, please specify  “a:” followed by the valid server name -

* To add another domain as a valid sender type “include:” followed by the domain -


If you want e-mails to Soft Fail when not authorized sender is used type ~all at the end. To have a neutral spf recrd type ?all” and for Hard Fail “-all”. All directives in the value field need to be separated by space.

Here is an example: 14395 IN TXT "v=spf1 mx -all"



Was this article helpful?
1 out of 7 found this helpful

Have more questions? Contact our support instantly via Live Chat