What are SPF records, and how to create them?

 

How to Create SPF records

 

SPF means "Sender Policy Framework", and can be used to avoid forging of sender's addresses in emails. It is not a record type of its own, but uses TXT records for this.

There should always be only one SPF policy record for a domain, while the SPF definition may contain several different rules, and can be split over multiple TXT records with different names, if needed.

There are many tools online available to help with creating a SPF record for a specific domain, e.g. this one.

 

For instance, your Joker.com-domain is "example.com", and you want to allow emails from Gmail, you have to create a DNS record of type "TXT" for your domain "example.com", and enter this line:

 

v=spf1 include:_spf.google.com ~all

 

In case you want to make use of a SPF record for a Joker.com domain, and want to make sure that emails from Joker.com will reach email addresses using your Joker.com domain, you need to add (include) this additional rule to your SPF policy:

 

include:_spf.joker.com

 

resulting in this SPF policy:

 

v=spf1 include:_spf.google.com include:_spf.joker.com ~all

 

You can create more than one TXT record to split the SPF policy rules, then the records should all start with v=spf1 to define one SPF policy and every record must have a different name, or in other words - for every unique name (including domain itself) only one record starting with "v=spf1" is allowed:

 

Incorrect:

example.com TXT "v=spf1 include:_spf.google.com ~all"

example.com TXT "v=spf1 include:_spf.joker.com ~all"

 

Correct:

example.com      TXT "v=spf1 include:_spf.google.com ~all"

spf1.example.com TXT "v=spf1 include:_spf.joker.com ~all"

 




Tags: DNS, Nameservice

Related entries:

You cannot comment on this entry