Free SPF Record Generator
Create Valid SPF DNS Records in Seconds
Published May 1, 2026 · 6 min read
Without an SPF record, anyone can send emails that look like they came from your domain. Google and Yahoo now require SPF for all bulk senders. Here's how to generate one — free, no signup, instant.
What Is an SPF Record?
SPF (Sender Policy Framework) is a DNS TXT record that tells the world: "These specific servers are allowed to send email from my domain. Anyone else? Block them."
It's the simplest anti-spoofing protection you can add to your domain — one DNS record that prevents scammers from sending phishing emails that appear to come from you.
Example SPF Record
v=spf1 include:_spf.google.com ~all
This tells the world: "Google's mail servers can send email from my domain. Everything else? Mark as suspicious."
SPF Record Syntax Explained
| Mechanism | What It Does | Example |
|---|---|---|
v=spf1 |
Version — always start with this | v=spf1 |
include: |
Authorize another domain's SPF | include:_spf.google.com |
mx |
Allow your MX servers to send | mx |
a |
Allow your A/AAAA record IPs | a |
ip4:/ip6: |
Allow specific IPs | ip4:192.0.2.1 |
~all |
Softfail — mark unmatched as suspicious | ~all |
-all |
Hardfail — reject unmatched | -all |
Common SPF Templates
📧 Google Workspace
v=spf1 include:_spf.google.com ~all
📧 Microsoft 365
v=spf1 include:spf.protection.outlook.com ~all
📧 Zoho Mail
v=spf1 include:zoho.com ~all
📧 SendGrid
v=spf1 include:sendgrid.net ~all
📧 Mailchimp (Transactional)
v=spf1 include:spf.mandrillapp.com ~all
📧 Multiple Providers
v=spf1 include:_spf.google.com include:sendgrid.net ~all
You can chain multiple includes — but keep it under 10 DNS lookups!
🛡️ Test Your SPF After Adding It
Use our free email deliverability checker to verify SPF, DKIM, DMARC, and MX records.
Check Your Domain Now →How to Add Your SPF Record
- Log into your DNS provider — Cloudflare, Namecheap, GoDaddy, AWS Route53, etc.
- Go to DNS settings for your domain.
- Add a new TXT record:
- Name/Host:
@(or your domain root) - Type:
TXT - Value: Your SPF string (e.g.,
v=spf1 include:_spf.google.com ~all) - TTL:
3600(1 hour) is fine
- Name/Host:
- Save and wait 15-60 minutes for propagation.
- Verify with the Korpo.Pro email checker — you should see ✅ SPF Configured.
5 Common SPF Mistakes
- Multiple SPF records. You can only have ONE SPF TXT record per domain. If you need multiple providers, combine them:
include:provider1 include:provider2 - Too many DNS lookups. SPF has a 10-lookup limit. Each
include:,a,mx,ptrcounts as 1 lookup. Nested includes count too. - Using
+all. Never end with+all— it authorizes EVERYONE to send from your domain. Always use~allor-all. - Forgetting to update when switching providers. If you move from Google to Microsoft, update your SPF. Old includes = security holes.
- Not testing after adding. Always run a check — a typo in your SPF record silently breaks your email deliverability.
SPF Alone Isn't Enough
SPF protects against domain spoofing — but not everything. You also need:
- DKIM — cryptographic signatures that prove your email wasn't tampered with in transit.
- DMARC — a policy that tells receiving servers what to do with emails that fail SPF/DKIM.
- MX records — without these, your domain literally can't receive email.
All three are free DNS TXT records. Use the SPF/DKIM/DMARC setup guide to configure all of them in one session.
📊 Full Deliverability Audit — €9
Get a professional PDF report with your SPF, DKIM, DMARC, MX records, blacklist status, and step-by-step fixes.
📄 Get Your PDF Report →TL;DR
- SPF is a DNS TXT record that prevents email spoofing from your domain.
- Google and Yahoo require SPF for anyone sending >5,000 emails/day.
- Use
v=spf1 include:YOUR_PROVIDER ~all— replace YOUR_PROVIDER with Google, Microsoft, etc. - Only ONE SPF record per domain. Combine multiple providers in one record.
- Test it with the free Korpo.Pro email checker after adding.