deliverability

How to Create an SPF TXT Record (Step-by-step 2024 Tutorial)

lemlist team
LAST UPDATED
April 9, 2024
READING TIME
7 min.
In April 2022, the average email deliverability rate on various email marketing platforms was 84.2% (Source: EmailToolTester).

The SPF  record boosts your email's credibility, reducing the risk of your emails being marked as spam and enhancing the overall security of your email communications.

What SPF records are and how to add them step by step for Google and Office 356 accounts?

What is an SPF record?

An SPF record (Sender Policy Framework) is an email authentication system that mail servers use to make sure that emails that appear to come from your domain actually do come from you.

Basically, it’s designed to stop phishing attempts and scammers from sending fake messages that claim to be from legit domains.

Technically, you don’t have to set up an SPF record in order to send emails. But it adds a layer of security to your campaigns, which makes your domain more trustworthy to ISPs (internet service providers).

This makes it more likely that your emails stay out of spam.

That’s why it’s so important to set up an SPF record: to protect your domain from spoofing, and to keep your cold emails out of spam.

What does an SPF record do?

An SPF record simply identifies the mail servers that are allowed to send messages from your domain.

It’s a type of DNS TXT (Domain Name System ”text”) with a list of APIs, software, etc., that you’ve approved to send messages on your behalf.

It looks like this

v=spf1 include:_spf.google.com ~all

The syntax is divided into a version prefix and one or several mechanisms 👇

The version prefix simply explains that this TXT record is to be used for SPF checking, and the mechanism specifies what the SPF is checking for.

Here are the possible qualifiers that could exist in an SPF record:

  • + Pass, an IP address that matches what’s in this mechanism will pass SPF (e.g. “google” in the example above.)
  • Hard Fail, an IP address that matches what’s in this mechanism will not pass SPF
  • ~ Soft Fail, an IP address that matches what’s in this mechanism will soft fail SPF, which means that the host should accept the mail, but mark it as an SPF failure (e.g. “all” in the example above.)

Can you create multiple SPF records?

Technically, you can create multiple SPF records, but it can generate an “SPF PermError,” which will harm your email deliverability.

So, before doing anything, always check if the SPF record has already been set up. If the answer is yes and you still want to add your primary domain, there's a way to merge the original record with the new one.

All you have to do is copy/paste your new SPF record in front of the old one and separate them with a single space.

For example, to add Outlook to the SPF example we included in the previous section, it would look like this:

v=spf1 include:_spf.google.com include:spf.protection.outlook.com ~all

How do I check my SPF record?

If you’re using lemlist, it takes less than a minute to check if your SPF record is good to go.

(If you don’t have an account yet, you can sign up here, for free.)

First, go to your dashboard and find the Health tab, under Reports 👇

Next, open the DNS Checks tab and click on “Refresh checks.”

In a couple seconds, you’ll get a full overview of not only your SPF record, but also your MX record exchanges, DMARC record, Email tests, and your Spamassassin score.

Of course, if you see the green “All good” sign, then your SPF formatting is already set up and protecting you from scammers and the spam folder.

If it needs configuring, all you have to do is follow the steps below.

How to set up SPF record for Microsoft Office 365

If Microsoft Office 365 is your email provider, here’s how to set up your SPF record for the relevant server.

We’ll start with a simple process you can follow for any domain provider, then add more specific details for popular domain providers like Namecheap, Cloudflare, and Bluehost.

How to set up Office 365 SPF record - for all domain providers

No matter what domain hosting you use right now, there are only a few steps to follow to validate your Microsoft Office 365 SPF:

  1. Go to the settings for your DNS provider
  2. Create a new record
  3. Choose "TXT"
  4. Put "@" in the name
  5. Put v=spf1 include:spf.protection.outlook.com -all in value

And save it!

SPF record setup for Microsoft Office 365 and Namecheap

If you're using Namecheap, here are more specific steps:

  1. Log in to Namecheap
  2. Go to Domain list and choose your domain
  3. Go to Advanced DNS
  4. Click on "Add new record"
  5. Choose TXT record
  6. Put @ in "Host" or "Name"
  7. Put v=spf1 include:spf.protection.outlook.com -all in value
https://assets-global.website-files.com/5de921a1902d8d39a699f77e/64b7e63e78e27e135e8eb620_image (14).png

SPF configuration for Microsoft Office 365 and Cloudflare

To configure your SPF record for Microsoft Office in Cloudflare, here's what to do:

  1. Log in to Cloudflare
  2. Go to Domain list and choose your domain
  3. Go to DNS
  4. Click on "Add new record"
  5. Choose TXT record
  6. Put @ in "Host" or "Name"
  7. Put v=spf1 include:spf.protection.outlook.com -all in value
  8. Save it!

Enable SPF record for Microsoft Office 365 and Bluehost

Finally, here are the steps to input your Office 365 SPF record in Bluehost:

  1. Log in to Bluehost
  2. Go to Domain list and choose your domain
  3. Go to DNS
  4. Click on "Add new record"
  5. Choose TXT record
  6. Put @ in "Host" or "Name"
  7. Put v=spf1 include:spf.protection.outlook.com -all in value
  8. Save it!
https://assets-global.website-files.com/5de921a1902d8d39a699f77e/64b7e6b0d6f88651dd0db8d6_image (14) copy 3-min.png

How to add SPF records for a Google sending domain

Now, here’s how you can add your Google domain to the SPF record mechanism for your domain provider.

How to set up your Google SPF record - for all domain providers

No matter what domain provider you use right now, follow the steps below to validate your SPF.

You can also check in the documents and tutorials of your domain provider itself to see if they already give instructions on how to configure your SPF.

  1. Go to your DNS settings
  2. Create a new record
  3. Configure and choose "TXT"
  4. Add "@" in name
  5. Add v=spf1 include:_spf.google.com ~all in value

Save it to publish it!

How to create a Google SPF record for Namecheap

If you’re using Namecheap, here are the steps to add Google to your SPF record:

  1. Log in to Namecheap
  2. Go to Domain list and choose your domain
  3. Go to Advanced DNS
  4. Click on "Add new record"
  5. Choose TXT record
  6. Put @ in "Host" or "Name"
  7. Add the tag v=spf1 include:_spf.google.com ~all in value
  8. Save it!
https://assets-global.website-files.com/5de921a1902d8d39a699f77e/64b7e749e15c3158152787bd_image (14) copy 2-min.png

Adding a Google SPF record to Cloudflare

For Cloudflare users, here’s how to add Google to the SPF TXT record.

  1. Log in to Cloudflare
  2. Go to Domain list and choose your domain
  3. Go to DNS provider
  4. Click on "Add new record"
  5. Choose TXT record
  6. Put @ in "Name"
  7. Put v=spf1 include:_spf.google.com ~all in value
  8. Save it!

How to set up Google SPF records for Bluehost

Finally, for Bluehost users, here’s how to add your Google domain:

  1. Log in to Bluehost
  2. Go to Domain list and choose your domain
  3. Go to Advanced DNS
  4. Click on "Add new record"
  5. Choose TXT record
  6. Put @ in "Host" or "Name"
  7. Put v=spf1 include:_spf.google.com ~all in value
  8. Save it
https://assets-global.website-files.com/5de921a1902d8d39a699f77e/64b7e6b0d6f88651dd0db8d6_image (14) copy 3-min.png

Key takeaways

Ensuring that your SPF are correctly set up will impact two major aspects in your email sending efforts:

  • Fighting email spoofing and misuse.
  • Increasing your email deliverability

You can have the best campaigns, but if your SPF isn't properly set up, your emails may as well go down the toilet. Use an app like lemlist to make this process as easy as pie! 

Frequently Asked Questions

Does my domain need an SPF record?

Yes, if you want to prevent spammers from spoofing your domain and sending emails that look like they come from you.

An SPF record tells receiving email servers which IP addresses are authorized to send emails from your domain, and helps them reject or mark as spam any emails that fail this check.

What is an SPF record for a domain?

An SPF record is a type of DNS TXT record that contains a list of IP addresses or domains that are allowed to send emails on behalf of your domain.

For example, if your domain is example.com, and you use Gmail to send emails, your SPF record might look something like this: v=spf1 include:_spf.google.com ~all.

This means that only emails sent from Google’s servers are valid for your domain, and any other emails should be treated with caution.

Can I use DKIM without SPF?

Yes, you can use DKIM without SPF, but it is not recommended. DKIM is another email authentication method that uses digital signatures to verify that an email has not been tampered with in transit.

However, DKIM does not prevent spoofing of the sender’s address, which is what SPF does.

Therefore, it is best to use both SPF and DKIM together to ensure the integrity and authenticity of your emails.

Why is DKIM better than SPF?

DKIM is not better than SPF, but rather complementary.

SPF verifies the sender’s identity based on the IP address of the sending server, while DKIM verifies the content of the email based on a cryptographic signature.

Both methods have their advantages and limitations, and using them together provides a stronger level of email authentication and security.

Does DMARC use SPF?

Yes, DMARC uses SPF, as well as DKIM, to validate emails.

DMARC is a policy that tells receiving email servers what to do with emails that fail SPF and DKIM checks.

For example, you can set your DMARC policy to reject, quarantine, or accept such emails, and also receive reports on how your emails are being processed by different email providers.

DMARC helps you monitor and improve your email deliverability and reputation.

What is SPF and DKIM records?

SPF and DKIM records are DNS TXT records that store the information needed for SPF and DKIM validation.

SPF records list the authorized IP addresses or custom domains for sending emails from your domain, while DKIM records store the public keys that are used to verify the digital signatures of your emails.

You need to create and publish these records in your DNS settings to enable SPF and DKIM for your domain.

Is SPF a DNS record?

Yes, SPF is a DNS record, specifically a TXT record.

A TXT record is a type of DNS record that can store any text information related to your domain.

SPF uses TXT records to store the list of authorized senders for your domain.

You can create and manage your SPF TXT record using your DNS provider’s website or tools.

lemlist team
Your source of actionable outreach tips and strategies that will help you get replies and grow your business.
Get weekly outreach tips
SHARE THIS ARTICLE
Thanks! You've successfully subscribed to lemlist newsletter
Oops! Something went wrong while submitting the form.

Multichannel Expert

$
99
/ MO
Per user / 5 SENDING EMAIL
Everything in Email Pro
Email finder + verifier (500 credits/mo)
500 free credits per month
Linkedin prospection
LinkedIn voice notes
with Aircall
Cold calling prospection with Aircall
with Aircall
Advanced campaign conditions
Custom landing page
Premium support chat

Outreach Scale

$
159
/ MO
Per user / 15 SENDING EMAIL
Everything in Multichannel Expert
Email finder + verifier (1,000 credits/mo)
1000 free credits per month
Dedicated account manager (4+ seats)

More than 10 users?

Multichannel Expert

$
89
/ MO
Per user / 5 SENDING EMAIL
Everything in Email Pro
Email finder + verifier (500 credits/mo)
500 free credits per month
Linkedin prospection
LinkedIn voice notes
with Aircall
Cold calling prospection with Aircall
with Aircall
Advanced campaign conditions
Custom landing page
Premium support chat

Outreach Scale

$
144
/ MO
Per user / 15 SENDING EMAIL
Everything in Multichannel Expert
Email finder + verifier (1,000 credits/mo)
1000 free credits per month
Dedicated account manager (4+ seats)

More than 10 users?

Multichannel Expert

$
79
/ MO
Per user / 5 SENDING EMAIL
Everything in Email Pro
Email finder + verifier (500 credits/mo)
500 free credits per month
Linkedin prospection
LinkedIn voice notes
with Aircall
Cold calling prospection with Aircall
with Aircall
Advanced campaign conditions
Custom landing page
Premium support chat

Outreach Scale

$
129
/ MO
Per user / 15 SENDING EMAIL
Everything in Multichannel Expert
Email finder + verifier (1,000 credits/mo)
1000 free credits per month
Dedicated account manager (4+ seats)

More than 10 users?

What you should look at next

Receive weekly outreach tips in your inbox, sent to 210 000+ salespeople, marketers, founders, and entrepreneurs worldwide!

Subscribe to the lemlist newsletter
You've successfully subscribed to the lemlist newsletter!
Oops! Something went wrong while submitting the form.