• Log In
  • Sign Up
  • Contact Us
PowerDMARC
  • Features
    • PowerDMARC
    • Hosted DKIM
    • PowerSPF
    • PowerBIMI
    • PowerMTA-STS
    • PowerTLS-RPT
    • PowerAlerts
    • Reputation Monitoring
  • Services
    • Deployment Services
    • Managed Services
    • Support Services
    • Service Benefits
  • Pricing
  • Power Toolbox
  • Partners
    • Reseller Program
    • MSSP Program
    • Technology Partners
    • Industry Partners
    • Become a Partner
  • Resources
    • DMARC: What is it and How does it Work?
    • Datasheets
    • Case Studies
    • Blog
    • DMARC Training
    • DMARC in Your Country
    • DMARC by Industry
    • Support
  • About
    • Our company
    • Clients
    • Contact us
    • Book a demo
    • Events
  • Menu Menu

SPF Format : SPF Basic & Advanced Formats Explained

Blogs
Spf format 01

You can send emails without using SPF or knowing about SPF format, but that won’t be safe. SPF adds an additional trust indication to recipients’ mailbox providers, and all the authentic emails sent using your domain land in the box inbox instead of being marked as spam.

SPF isn’t a fool-proof method; therefore, you must combine it with other email authentication protocols like DKIM, DMARC, and BIMI to improve email deliverability.

Since these protocols are crucial to the email authentication process and all email-driven businesses must know about them, we’ll focus on the SPF record format in this blog. 

What is SPF?

SPF is short for Sender Policy Framework- one of the most common email authentication protocols. It works using a list of IP addresses authorized to send emails using your domain name. The list typically includes IP addresses of your employees, shareholders, and third parties that directly use your domain to send emails.

If you’ve implemented SPF, any email sent from an IP address outside the list is considered unauthorized by the recipient’s mailbox.

How is Email Authenticated Using SPF?

You need to publish a valid SPF record (in TXT format) on your DNS to implement this protocol. When an email is sent from your domain, the receiver’s mail server cross-checks the sender’s IP address with the SPF records on your DNS. If it’s on the list, validation passes, and the email lands in the inbox. However, if it isn’t on the list, authentication fails, and emails don’t reach their destination.

After implementing it, you must regularly monitor your domain activity using an SPF checker to ensure it isn’t on a hacker’s radar. This can prevent spear phishing, scamming, and ransomware attacks attempted using your company’s name.

SPF Format

SPF record is complicated and has a typical format that’s difficult to understand. Here we’ll be discussing SPF record syntax and SPF record structure- the head and heart of SPF record format.

SPF Record: Basic Syntax

An SPF record is a DNS record enlisting all the IP addresses allowed to send emails using your email domain. This is what an SPF record syntax looks like:

v=spf1 ip4=193.0.1.0 ip4=193.0.1.1 include:samplesender.net -all

Let’s check out the elements included in this.

  • v=spf1- It tells the server that this contains an SPF record. Every SPF record must begin with this string.
  • ip4=193.0.1.0 ip4=193.0.1.1- It indicates the IP addresses allowed to send emails using a specific domain.
  • Include:examplesender.net: It tells third parties authorized to send emails. The ‘include’ tag directs the recipient servers to verify the included domain’s (here- samplesender.net) SPF record. You can add several domains within one SPF record.
  • -all: tells recipient servers to reject emails coming from unauthorized IP addresses, basically the ones not included in the list. 

SPF Record: Advanced Syntax

As per the SPF record format for syntaxes, it always starts with the ‘v=’ element. It tells the SPF version; currently, there’s only one version, so all SPF record formats begin like this. 

SPF record syntax has three primary elements; SPF Mechanism, SPF Qualifiers, and SPF Modifiers. Let’s see what they are.

Mechanisms

Here are the eight mechanisms

  1. ALL: This means there’s always a match. You’ll see default results like ‘-all’ for unmatching IPs.
  2. A: Domain name with A or AAAA address record matches as they can be resolved to the sender’s address.
  3. IP4: The match is valid when the sender is linked to the given IPv4 address range.
  4. IP6: The match is valid when the sender is linked to the given IPv6 address range.
  5. MX: Sender’s email address is validated only if their domain name includes an MX record for resolution.
  6. PTR: The match is authorized if the PTR record belongs to a given domain resolving to the client’s address. Experts don’t suggest its use as it might block all emails sent using your domain.
  7. EXISTS: It works if the given domain name is validated. This SPF mechanism functions with all resolved addresses. 
  8. INCLUDE: It references other domain policies. So, if that passes, it passes automatically. However, if the included policy fails, processing continues. 

Modifiers

Modifiers determine an SPF record’s functional framework. It consists of name or value pairs separated by the ‘=’ symbol, pointing out additional information. You’’ see them many times at the end of the SPF record, and all the unrecognized modifiers are ignored in the process.

The ‘redirect’ modifier directs to other SPF records responsible for efficient functioning. Experts use them whenever more than one domain is linked to the same SPF record. This modifier must be used if a single entity controls all the domains; otherwise, the ‘include’ modifier is used.

Qualifiers

Each mechanism can be combined with one of four qualifiers.

‘+’  for the PASS result

‘?’  for a NEUTRAL result interpreted like NONE policy.

‘~’ for SOFTFAIL. Usually, messages that return a SOFTFAIL are accepted but tagged. 

‘-’ for FAIL, the email is rejected.

Conclusion

SPF prevents cyberattacks committed using your brand’s name and reputation. You can stop emails sent by hackers using your domain from reaching their target audience. This works by enlisting and allowing only trusted entities to send emails using your domain. 

After understanding the SPF record format’s structure and components, you can use the SPF record generator if you haven’t implemented the protocol yet. SPF format

  • About
  • Latest Posts
Ahona Rudra
Digital Marketing & Content Writer Manager at PowerDMARC
Ahona works as a Digital Marketing and Content Writer Manager at PowerDMARC. She is a passionate writer, blogger, and marketing specialist in cybersecurity and information technology.
Latest posts by Ahona Rudra (see all)
  • DMARC Black Friday: Fortify Your Emails This Holiday Season - November 23, 2023
  • Google and Yahoo Updated Email Authentication Requirements for 2024 - November 15, 2023
  • How to Find the Best DMARC Solution Provider for Your Business? - November 8, 2023
October 31, 2022/by Ahona Rudra
Tags: format of SPF record, SPF format, SPF record format, SPF syntax
Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on Twitter
  • Share on WhatsApp
  • Share on LinkedIn
  • Share by Mail
You might also like
SPF Syntax A Complete GuideSPF Syntax: A Complete Guide
SPF Record SyntaxSPF Record Syntax

Secure Your Email

Stop Email Spoofing and Improve Email Deliverability

15-day Free trial!


Categories

  • Blogs
  • News
  • Press Releases

Latest Blogs

  • SPF format
    DMARC Black Friday: Fortify Your Emails This Holiday SeasonNovember 23, 2023 - 8:00 pm
  • Google and Yahoo New Requirements 2024
    Google and Yahoo Updated Email Authentication Requirements for 2024November 15, 2023 - 3:23 pm
  • protect from spoofing blog
    How to Find the Best DMARC Solution Provider for Your Business?November 8, 2023 - 6:29 pm
  • Preventing-Phishing-Attacks-in-Academic-Institutions
    Preventing Phishing Attacks in Academic InstitutionsOctober 31, 2023 - 2:29 pm
logo footer powerdmarc
SOC2 GDPR PowerDMARC GDPR comliant crown commercial service
global cyber alliance certified powerdmarc csa

Knowledge

What is Email Authentication?
What is DMARC?
What is DMARC Policy?
What is SPF?
What is DKIM?
What is BIMI?
What is MTA-STS?
What is TLS-RPT?
What is RUA?
What is RUF?
AntiSpam vs DMARC
DMARC Alignment
DMARC Compliance
DMARC Enforcement
BIMI Implementation Guide
Permerror
MTA-STS & TLS-RPT Implementation Guide

Tools

Free DMARC Record Generator
Free DMARC Record Checker
Free SPF Record Generator
Free SPF Record Lookup
Free DKIM Record Generator
Free DKIM Record Lookup
Free BIMI Record Generator
Free BIMI Record Lookup
Free FCrDNS Record Lookup
Free TLS-RPT Record Checker
Free MTA-STS Record Checker
Free TLS-RPT Record Generator

Product

Product Tour
Features
PowerSPF
PowerBIMI
PowerMTA-STS
PowerTLS-RPT
PowerAlerts
Reputation Monitoring
API Documentation
Managed Services
Email Spoofing Protection
Brand Protection
Anti Phishing
DMARC for Office365
DMARC for Google Mail GSuite
DMARC for Zimbra
Free DMARC Training

Try Us

Contact Us
Free Trial
Book Demo
Partnership
Pricing
FAQ
Support
Blog
Events
Feature Request
Change Log
System Status

  • Français
  • Dansk
  • Nederlands
  • Deutsch
  • Русский
  • Polski
  • Español
  • Italiano
  • 日本語
  • 中文 (简体)
  • Português
  • Norsk
  • Svenska
  • 한국어
© PowerDMARC is a registered trademark.
  • Twitter
  • Youtube
  • LinkedIn
  • Facebook
  • Instagram
  • Contact us
  • Terms & Conditions
  • Privacy Policy
  • Cookie Policy
  • Security Policy
  • Compliance
  • GDPR Notice
  • Sitemap
Domain Reputation Checkdomain reputation check 01How to view DNS records for a domain1 01How to View DNS Records for a Domain?
Scroll to top