SPF
CHECKER
Enter a domain to read its SPF record, the DNS entry that lists which servers may send email as that domain. We show the authorised mechanisms, the all-qualifier that decides how strict it is, and count the DNS lookups against the limit of ten that silently breaks SPF when exceeded.
What is an SPF Checker?
An SPF checker is a free tool that reads a domain’s SPF record, the DNS entry listing which servers may send email as that domain. It shows the authorised mechanisms, the all-qualifier that sets how strict it is, and counts the DNS lookups against the limit of ten that silently breaks SPF when exceeded.
How does an SPF Checker work?
- 01We read the domain’s TXT records and find the v=spf1 policy.
- 02Each mechanism (include, ip4, a, mx) is listed with the all-qualifier.
- 03We count DNS-lookup mechanisms and warn when the limit of ten is at risk.
Frequently asked questions
What is the difference between ~all and -all in SPF?
The all-qualifier at the end of an SPF record sets the default for servers not otherwise listed. -all (hard fail) tells receivers to reject anything from an unlisted server; ~all (soft fail) accepts it but marks it suspicious. -all is the stronger setting, but only move to it once every legitimate sender is included, or you will bounce your own mail.
What is the SPF 10-lookup limit?
SPF allows a maximum of ten DNS-lookup mechanisms (include, a, mx, ptr, exists, redirect) per evaluation. Exceed it and the record returns a permerror, and strict receivers treat your mail as unauthenticated, so it lands in spam. This tool counts them so you can flatten or consolidate includes before you hit the ceiling.
Can a domain have more than one SPF record?
No. A domain must publish exactly one v=spf1 TXT record. Two or more is a permerror and breaks authentication entirely, a common mistake when a new service tells you to add its own record instead of merging its include into the existing one.