100% Free - No Signup Required

Free SPF Record Checker

Instantly validate your domain's SPF record. Check your authorized senders, DNS lookup count, and syntax for free.

What Our Free SPF Checker Validates

Authorized Servers

Lists all IP addresses and domains authorized to send email for your domain.

DNS Lookup Count

Checks if you're within the 10-lookup limit. Exceeding this causes SPF to fail.

Syntax Validation

Detects syntax errors, invalid mechanisms, and common configuration mistakes.

What is SPF and Why Does It Matter?

SPF (Sender Policy Framework) is an email authentication method that specifies which mail servers are authorized to send email on behalf of your domain. It helps prevent spammers from sending emails with forged "From" addresses.

When an email is received, the recipient's mail server checks the SPF record to verify the sending server is authorized. Without SPF, your legitimate emails may be marked as spam or rejected.

Common SPF Mechanisms

ip4:Authorizes a specific IPv4 address or range
include:Includes another domain's SPF record (counts as DNS lookup)
aAuthorizes the domain's A record IP address
mxAuthorizes the domain's mail server IPs
~all / -allWhat to do with non-matching senders (softfail / fail)

Important: 10 DNS Lookup Limit

SPF has a maximum of 10 DNS lookups. Each include:, a,mx, and redirect= counts as a lookup. Exceeding this limit causes SPF to fail entirely (PermError), blocking your emails.

Want Continuous SPF Monitoring?

Get alerts when your SPF record changes or exceeds limits. Our free tier includes SPF, DKIM, and DMARC monitoring.

Start Free MonitoringFull Domain Scan

SPF FAQ

How do I create an SPF record?

Add a TXT record at your domain (not a subdomain) starting with 'v=spf1'. Include your email providers using 'include:' and end with '~all' or '-all'. Example: v=spf1 include:_spf.google.com ~all

Why am I seeing 'Too many DNS lookups'?

Each 'include:', 'a', 'mx', 'ptr', and 'exists' mechanism counts as a DNS lookup. SPF limits you to 10. To fix this, remove unnecessary includes, use IP addresses directly (ip4:/ip6:), or use SPF flattening services.

What's the difference between ~all and -all?

~all (softfail) marks failing emails as suspicious but usually delivers them. -all (hardfail) tells receivers to reject failing emails. Start with ~all while testing, then move to -all once you're confident your SPF is correct.

Can I have multiple SPF records?

No, you should only have one SPF record per domain. Multiple SPF records cause validation failures. If you need to combine providers, include them all in a single record using 'include:' statements.