Article overview

Help article

Setting an SPF record

One of the applications of the TXT record is the so called SPF record. SPF stands for Sender Policy Frame and is used to check if the sending mail server is allowed to send e-mails on behalf of a domain name.

If your sending mailserver isn't listed in your SPF record or if the SPF record isn't present, then sent email will almost always be marked as spam.


Where do I add an SPF record?

You can add all your DNS records easily and free of charge via your control panel. Go to the 'Domain & Hosting' tab and select the domain in the left column for which you want to set the SPF record (don't check the box).

Now scroll to 'Advanced Domain Settings', followed by 'DNS'. If you do not see this yet, first click the switch behind 'TransIP settings' so the TransIP settings are switched off. The DNS records of your domain name will become visible, after which you can change them at will.

domain spf record


How do I set an SPF record?

The complete value in the image above is as follows: v=spf1 include:_spf.transip.email ~all. This is the SPF record of the email servers of TransIP and are used for services such as Web Hosting, Email Only and our Forwarding Service.

The value of this specific SPF record states that the mail servers linked to the DNS record _spf.transip.email have permission to send mail from the domain name. Below we will break down the different parts of the SPF record and show a list of the different elements you can use.


Name

You set an SPF record by starting with the name. Here you specify which part of the domain the DNS record should work for. You can set an SPF record for both your primary domain and a subdomain.

  • If you want to set an SPF record for a primary domain, enter an @ in the 'Name' field.
  • If you want to set an SPF record for a subdomain, only enter the subdomain in the 'Name' field.
    • Our DNS software will automatically add the root domain name in the background.

Take note: Use a maximum of one SPF record per (sub)domain. Using multiple SPF records for the same domain will cause conflicts and email may still be flagged as spam.


TTL

The 'TTL' of a DNS record determines how long the record can remain in the cache. We recommend keeping the TTL low, for example at 1 or 5 minutes.


Type

 

Because an SPF record is a variation on the TXT record, we choose 'TXT' under 'Type'.


Value

The value of the SPF-record consists of several different components:

  • The value of an SPF record starts with v=spf1. This means that SPF version 1 is being used.
  • Afterwards you state which hostname or IP address should get permission to send email from your domain name. In our example the SPF record uses include:_spf.transip.email, which states that the TransIP email server has permission to send email from the domain name.
  • The SPF record ends with ~all. This part shows that e-mails will be allowed wether they correspond with the variables in the record or not. The e-mails will get marked down though.

You basically start each SPF record with the SPF version (v=spf1) and end it with the control method (~all). Although the version will always be the same, you may choose to use different control methods.

You can also choose to enter several different elements in between the SPF version and the control method. For instance, you may use elements to include A records, MX records and IP addresses and ranges. Read more about these elements below.

Make sure you do not enter quotation marks in the value of an SPF record. These are already added automatically behind the scenes. If you do enter quotation marks manually, the SPF record will not work properly.


IPv4 adresses

In order to authorize an IPv4 address to send e-mails for your domain, add the following part to the SPF record:

For a specific IPv4 address: ip4:37.97.254.27 
For an IPv4 range: ip4:37.97.0.1/16

The value of your SPF record should look as follows: v=spf1 ip4:37.97.254.27 ~all

spf record with ip4


IPv6 adresses

In order to authorize an IPv6 address to send e-mails for your domain, add the following part to the SPF record:

For a specific IPv6 address: ip6:2a01:7c8:3:1337::27 
For an IPv6 range: ip6:2a01:7c8:3:1337::27/96

The value of your SPF record should look as follows: v=spf1 ip6:2a01:7c8:3:1337::27 ~all

spf record with ip6


A records

You can also specify all A-records of a domain at once in an SPF record:

For a specific domain: a:domain.com
For a specific subdomain: a:mail.domain.com

The value of your SPF record should look as follows: v=spf1 a:domain.com ~all

spf record with a:

All A records for respectively example.com and mail.domain.com are checked this way. The SPF check succeeds if the IPv4 address of the sending server matches any one of the IPv4 addresses.

If no domain is specified, the domain for which the SPF record is configured will be used.


MX records

MX-records work much like using A records in an SPF record:

Voor een specifiek domein: mx mx:domain.com
Voor een specifiek subdomein: mx mx:mail.domain.com

The value of your SPF record should look as follows: v=spf1 mx mx:domain.com ~all

spf record with mx:

By using this method, all A records for all MX records are checked for respectively domain.com and mail.domain.com, based on the order of the MX records. If the IPv4 address of the sending party matches any one of the IPv4 records that are checked in this manner, the SPF check succeeds and the mail server is authorized to send e-mails from domain.com of mail.domain.com

If no domain is specified, the domain for which the SPF record is configured will be used.


Combining elements

The components above may also be combined by adding all these individual components to your SPF records, for example: v=spf1 include:_spf.transip.email a:domein.nl ip4:37.97.254.27 ~all

An SPF record can contain a maximum of 10 elements.

For more information about the various components of SPF records and tools to create and check your own SPF record, please visit this website.


This article has discussed the setting of an SPF record. For a general explanation about DNS records and entering them, see the article ‘DNS and nameservers'.

Use the article 'The DNS settings of my web hosting package' to learn how to set the SPF record for your Web Hosting,

Should you have any questions left regarding this article, do not hesitate to contact our support department. You can reach them via the ‘Contact Us’ button at the bottom of this page.

If you want to discuss this article with other users, please leave a message under 'Comments'.

Has this article been helpful?

Create an account or log in to leave a rating.

Comments

Create an account or log in to be able to leave a comment.