What is an SPF Survey?

Blog

SPF survey is a process where an SPF record is diagnosed and validated for its efficacy and correctness.

by Ahona Rudra

Last Updated:
Reading Time: 4 min
What is an SPF Survey?
Table Of Contents

SPF survey is a process where an SPF record is diagnosed and validated for its efficacy and correctness. This survey includes looking into the queried domain name, displaying the SPF record (if found), and then running a number of SPF validation tests against the record. 

The process is undertaken to highlight errors found in the record as it impacts DMARC compliance and email deliverability while also keeping phishers and scammers at bay.

Key Takeaways

  1. An SPF survey helps diagnose and validate SPF records to ensure email deliverability and compliance.
  2. Regular reviews of SPF records can prevent multiple entries that may lead to validation failures and decreased deliverability.
  3. Limitations on DNS lookups necessitate the management of SPF records to prevent exceeding the maximum lookup threshold.
  4. Common mistakes like typos or improper syntax in SPF records can significantly affect email authentication.
  5. Utilizing a free SPF survey tool can simplify the process of checking for and correcting SPF record errors.

SPF Survey: See How Your SPF Record is Used

SPF survey is a diagnosis that produces a graphical representation of SPF records for a specific domain. You can perform the following activities if you use a free survey SPF for your official domain.

  • Verify if your SPF record is published correctly.
  • Check and update the list of authorized IP addresses allowed to send emails using your domain.
  • Evaluate the traffic coming from your domain’s SPF entries.
  • Avert SPF record formatting mistakes, as these can create issues in delivering emails to intended recipients.
  • Find out discrepancies in your pre-published SPF record.
  • The SPF survey lets you check if your senders are sending SPF-authenticated messages properly or if you still need to train them.

Simplify SPF with PowerDMARC!

Start 15-day trial Book a demo

What Configurations Can You Make During an SPF Survey?

Once you reach the ‘Record Analysis’ page, you can see SPF record details specifying DMARC information. This is where you’ll see all the active SPF record entries. You can see the entries currently in use and those not in use. You should filter them to avoid cluttering, as unused and unnecessary SPF lookups give a larger surface area to attack. SPF survey tools also help you keep your SPF records decluttered and stay under the 10 DNS lookup limit.

This feature gives you credible feedback on domains for which you have received DMARC reports in the last 7 days. However, in certain situations, a seven-day period is not enough to recommend whether an IP range should be removed. In this case, you need to check back on it later while performing another SPF survey. This most probably occurs due to a lack of traffic.

Common SPF Errors Highlighted During a Free Survey SPF

SPF users perform regular SPF surveys to ensure their record is error-free and fully compliant with the prerequisites. If your record isn’t validated, it will likely fail to propagate or have configuration issues. Let’s see what these common errors are and how you can troubleshoot them. 

Multiple SPF Records

SPF survey will see a failed validation result if there is more than one SPF entry for each domain. In this case, the recipient’s mailbox declines both, which directly impacts the email deliverability rate.

You should delete SPF entries that aren’t in use anymore. There would be some services that you no longer use but still has an SPF entry specified in your DNS zone. Such records are eligible for removal during a free survey SPF.

If you can’t remove obsolete records, you can merge two or more records into one. While merging records, ensure the entry begins with the ‘v=spf1’ and ends with the “~all” parameter.  

Too Many DNS Lookups

SPF records are limited to 10 “include” lookups per record. Every instance of parameters “include”, “a”, “mx”, “ptr”, “exists”, and “redirect” will generate one lookup. If any domain has an “include” containing other instances of the same parameters, they are also counted towards the 10 lookup limit.

So, if your record exceeds this limit, the SPF survey will highlight failed validation results.

To resolve this, you need to get rid of obsolete “includes” and “references” to domains. You can use subdomains instead. But if your subdomain is verified, emails are to be sent from that only.

Syntax Error

You need to take care that the SPF record check is properly done. Each SPF record must:

Start with “v=spf1”

End with “~all”, “-all” or “?all”

And does not have multiple “all” or “v=spf1” parts in the entry  (eg. v=spf1 a mx include:_spf.elasticemail.com ~all ~all )

Additional + in include

In some scenarios, the recipient’s server fails SPF record authentication when the “include” is prefixed with a “+” sign as the default parameter for the mechanism is a pass. 

The ‘+’ sign also denotes pass, thus creating redundancy. So, you should remove this sign from your SPF records.

Typos

Typos are a common mistake. So, just double-check everything you’ve typed. 

Still Facing A Problem?

If you are still facing a problem, you can use our free SPF survey tool: SPF record checker. It’ll instantly alert you regarding these errors so that you can make the necessary modifications to enjoy an error-free SPF.

You can leverage our SPF record checker to perform an SPF record lookup for your domain in the following way:

  • Start by entering your domain name in the box provided.
  • Click on the “Lookup” button, and you’re done! 

Our SPF checker is convenient and easy to use for instant SPF record lookups on the go.

Latest posts by Ahona Rudra (see all)
Last Updated:
How to delegate a subdomain to another NameServer?How to delegate a subdomain to another NameServerForbes 2023 official member Maitham Al LawatiMaitham Al Lawati, CEO of PowerDMARC accepted into Forbes Technology Counci...