Glossary

SPF Record

An SPF (Sender Policy Framework) record is a DNS TXT record that specifies which mail servers and IP addresses are authorized to send email on behalf of a domain. When a receiving mail server gets an email, it checks the sending domain's SPF record to verify the email came from an authorized source.

Get Started

Read more terms

SPF works by publishing a list of authorized sending infrastructure in your domain's DNS. When an email arrives claiming to be from your domain, the receiving server checks your DNS for an SPF record and compares the sending IP address against the list of authorized IPs. If the IP is listed, the SPF check passes. If it is not listed, the check fails, and the receiving server can reject the message or mark it as suspicious. A correctly configured SPF record typically looks like: v=spf1 include:sendgrid.net include:_spf.google.com ~all. The v=spf1 declares the record version, include: statements authorize specific email service providers, and the all mechanism at the end defines the policy for unmatched senders (~all means 'soft fail' — treat as suspicious, -all means 'hard fail' — reject). SPF is a prerequisite for DMARC alignment on the SPF mechanism and is a Google and Yahoo requirement for bulk senders. For outbound sales teams running video outreach campaigns through tools like Outvid, ensuring SPF is correctly configured — and that all sending infrastructure is properly authorized — is a critical step in maintaining the inbox placement rates that make personalized video outreach effective.

What should I know about SPF Record?

SPF Lists Authorized Sending Sources

Every email service provider, CRM, and marketing tool that sends email on your domain's behalf must be included in your SPF record. Missing a sender causes SPF failures that damage deliverability.

SPF Has a 10-DNS-Lookup Limit

The SPF specification limits each record to 10 DNS lookups. Organizations using many email service providers can exceed this limit, causing SPF to fail even with otherwise correct configuration — a common and often overlooked issue.

SPF Protects Against Domain Spoofing

Without SPF, anyone can send email claiming to be from your domain. SPF gives receiving servers the ability to verify sender legitimacy, protecting your domain reputation from being damaged by spoofed messages.

How is SPF Record used in practice?

Configuring SPF for a B2B outbound team

A sales team sends email through Google Workspace for internal email and Instantly.ai for their cold outreach campaigns. Their SPF record reads: v=spf1 include:_spf.google.com include:spf.instantly.ai ~all. This authorizes both sending sources while using a soft fail policy for anything not listed. They verify the record passes using MXToolbox's SPF checker.

Fixing an SPF failure after adding a new tool

A company adds a new video email tool to their outreach stack but doesn't update their SPF record. Their deliverability drops from 95% inbox placement to 60%. Investigation reveals the new tool's sending IPs are failing SPF checks. After adding the tool's SPF include statement to their DNS record and waiting 24 hours for propagation, deliverability returns to 94%.

Frequently asked questions

Can I have multiple SPF records for one domain?

No — you can only have one SPF TXT record per domain. Having multiple SPF records causes SPF to fail, which is a common misconfiguration. If you need to authorize multiple senders, combine all include statements into a single SPF record.

What does ~all versus -all mean in an SPF record?

~all (soft fail) instructs receiving servers to accept emails from unauthorized senders but mark them as suspicious. -all (hard fail) instructs receiving servers to reject emails from unauthorized senders. Hard fail is more secure but requires complete confidence that all authorized senders are listed, otherwise legitimate emails are rejected.

How do I check if my SPF record is correctly configured?

Tools like MXToolbox's SPF Lookup, Google Admin Toolbox, or Dmarcian's SPF surveyor will parse your SPF record, show all authorized IPs, check for syntax errors, and count DNS lookups to identify if you're approaching the 10-lookup limit.

Learn more

Email Authentication DKIM DMARC Sender Reputation Quota Attainment How to Handle Pricing Objections in B2B Sales

Get Your Outbound Deliverability Right

Outvid helps you run personalized AI video outreach that reaches inboxes — start with a solid SPF record as the technical foundation of your email deliverability.