SPF (Sender Policy Framework)

SPF (Sender Policy Framework) is an email authentication standard that lets a domain owner publish, in DNS, the list of mail servers allowed to send email on its behalf.

In depth

The domain publishes a single TXT record listing authorized sending sources. When a receiving server gets a message, it checks whether the sending server’s IP address is on that list. A pass tells the receiver the envelope sender is legitimate; a fail is a signal of spoofing. SPF only validates the hidden envelope (return-path) domain, not the visible From address, which is why it is paired with DKIM and DMARC. Keep to the 10-DNS-lookup limit or the record returns a permerror.

Example

A record like v=spf1 include:_spf.google.com ~all authorizes Google Workspace servers to send for your domain and soft-fails everything else.

Related terms

See our full email marketing glossary or the complete email marketing guide.