SPF record explained
A breakdown of an SPF record, including how mechanisms like include and all work in practice.
What an SPF record is
An SPF record is a DNS TXT record that defines which systems are allowed to send email for a domain.
You can analyse SPF records using DNS Pro: https://app.dnspro.co.uk/spf-lookup
Example SPF record
v=spf1 ip4:203.0.113.10 include:spf.protection.outlook.com -allMechanism breakdown
- ip4 → allows a specific IPv4 address
- include → references another SPF policy
- all → defines default behaviour
Common interpretations
- -all → fail everything else
- ~all → soft fail
- +all → allow all (unsafe)