SPF Checker

Check SPF record for any domain. Validate SPF syntax, verify authorized mail senders, and detect configuration issues affecting email deliverability.

Run a check to see results

APIPOST /api/v1/email/spf
5(6 votes)
13
checks performed
Try also: DKIM Checker
Run Check

Key Features

100% Free

No registration required, unlimited checks

Instant Results

Real-time analysis with detailed output

REST API Access

Integrate into your workflow via API

Accurate Data

Live queries to authoritative sources

What is SPF Checker?

The SPF checker retrieves and validates the Sender Policy Framework record for any domain, ensuring it correctly defines which IP addresses and mail servers are authorized to send email on behalf of that domain. The tool parses every SPF mechanism (ip4, ip6, include, a, mx, redirect, exists), counts DNS lookups to verify compliance with the 10-lookup limit, checks syntax against the SPF specification (RFC 7208), and evaluates the qualifier policy (pass, softfail, fail, neutral). SPF is one of the three pillars of email authentication alongside DKIM and DMARC — without a valid SPF record, receiving mail servers cannot verify that incoming email is genuinely from your domain, leading to spam filtering or outright rejection.

This free SPF record checker is essential for email administrators setting up or troubleshooting SPF, marketers diagnosing why campaign emails land in spam, IT teams adding new sending services (like Mailchimp, SendGrid, or HubSpot) to their SPF record, and anyone investigating email deliverability issues.

How to Use

  1. 1Enter the domain name you want to check (e.g., yourdomain.com)
  2. 2Click 'Run Check' to retrieve the SPF TXT record from DNS and parse it
  3. 3Review the parsed mechanisms: each ip4, ip6, include, a, and mx entry represents an authorized sender
  4. 4Check the DNS lookup count — SPF allows a maximum of 10 DNS lookups total
  5. 5Look for syntax errors, warnings, or deprecated mechanisms flagged by the validator
  6. 6Verify that all your legitimate sending sources are included (mail server, marketing platform, transactional email service)

Who Uses This

System Administrators

Monitor and troubleshoot infrastructure

Developers

Debug network issues and integrate via API

SEO Specialists

Verify domain configuration and performance

Security Analysts

Audit and assess network security

Frequently Asked Questions

What is an SPF record and how does it work?
An SPF (Sender Policy Framework) record is a DNS TXT record published at your domain that lists every IP address and server authorized to send email on your behalf. When a receiving mail server gets an email claiming to be from your domain, it looks up your SPF record and checks whether the sending server's IP is listed. If the IP matches, SPF passes; if not, it fails. A typical SPF record looks like: v=spf1 ip4:192.0.2.0/24 include:_spf.google.com include:sendgrid.net -all. The 'v=spf1' identifies it as SPF, mechanisms define authorized senders, and '-all' means reject anything not listed.
How do I check if my SPF record is configured correctly?
Enter your domain in the SPF Checker and run the check. The tool retrieves your SPF TXT record from DNS, parses every mechanism, counts DNS lookups (must not exceed 10), checks for syntax errors, and verifies the record follows the SPF specification. A correctly configured SPF record should: include all your legitimate sending sources, stay within the 10-lookup limit, end with '-all' (hard fail) or '~all' (soft fail), have no syntax errors, and contain no duplicate or conflicting mechanisms.
What does the 10 DNS lookup limit mean and how do I fix it?
The SPF specification limits each record to a maximum of 10 DNS lookups (include, a, mx, redirect, and exists mechanisms each count as one lookup). Exceeding this limit causes SPF to return a 'permerror' result, effectively breaking your authentication. To fix it: flatten your SPF record by replacing include mechanisms with direct ip4/ip6 entries where possible, remove unnecessary includes for services you no longer use, consolidate overlapping entries, or use an SPF flattening service that automatically resolves includes into IP addresses. The checker shows your current lookup count so you know how close you are to the limit.
What is the difference between -all, ~all, and ?all in SPF?
These are qualifier policies that tell receiving servers how to handle email from unlisted senders: '-all' (hard fail) means reject email from any IP not in the SPF record — the strictest and recommended setting. '~all' (soft fail) means accept but mark as suspicious — commonly used during initial setup or when you're not sure all senders are listed. '?all' (neutral) means no opinion — effectively disables SPF enforcement, not recommended. '+all' (pass all) means authorize everything — this is dangerous and should never be used as it defeats the purpose of SPF entirely.
Why is my SPF record failing validation?
Common causes of SPF failures: exceeding the 10 DNS lookup limit (add more includes than allowed), syntax errors (missing 'v=spf1' prefix, invalid IP notation, typos in include domains), missing authorized senders (you added a new email marketing service but forgot to include it in SPF), multiple SPF records (a domain must have exactly one SPF TXT record — having two causes both to fail), and the include domain itself has an invalid SPF record (your record is only as good as its includes). The checker highlights the specific issue to help you fix it.

Related Articles

Robots.txt Checker: How to Test & Validate Your Robots.txtGuide

Robots.txt Checker: How to Test & Validate Your Robots.txt

Learn how to check your robots.txt file for errors that block search engines. Free robots.txt checker, common mistakes, templates, and step-by-step guide.

NetVizor Team
Apr 11, 2026
Robots.txt Checker: How to Test and Validate Your Robots.txt FileGuide

Robots.txt Checker: How to Test and Validate Your Robots.txt File

Check and validate your robots.txt file online for free. Learn what robots.txt does, how to write it correctly, and how to fix common mistakes that hurt your SEO

NetVizor Team
Apr 3, 2026
Master SPF, DKIM, DMARC Setup in Just 30 MinutesWiki

Master SPF, DKIM, DMARC Setup in Just 30 Minutes

Learn how to set up SPF, DKIM, and DMARC in 30 minutes to secure your email communications effortlessly.

NetVizor Team
Mar 2, 2026

Related Tools

DKIM Checker

DMARC Checker

MX Lookup

Blacklist Check

Popular Tools

DNS Lookup

WHOIS Lookup

Domain Age

Nameserver Checker

API Endpoint

POST /api/v1/email/spf
View Documentation