An SPF (Sender Policy Framework) record helps protect your domain from being used to send spoofed email, and helps keep your legitimate outgoing messages out of recipients' spam folders. This article explains how SPF works and walks you through adding — and, if needed, removing — an SPF record for your domain in your Hover control panel.
How SPF Protects Your Domain
SPF is a spam-protection method based on authorizing which mail servers can send email for your domain. An SPF record is a TXT record in your domain's DNS settings that lists which servers are authorized senders.
Note: A domain can only have one SPF record. Having more than one causes DNS conflicts, and none of the records will resolve correctly.
An SPF record is made up of several parts. Here is the most common SPF record used at Hover:
v=spf1 include:_spf.hostedemail.com ~all
SPF part | What it does |
|---|---|
v=spf1 | Marks this as an SPF record. Required at the start of every SPF record. |
a | Authorizes the domain's DNS A record as a valid sending source. Note: The example above doesn't include this mechanism. |
mx | Authorizes the domain's DNS MX record as a valid sending source. Note: The example above doesn't include this mechanism. |
-all | Applies a "hard fail" to email sent from a server not already listed as authorized — the email isn't delivered, and the sender gets a bounce-back message. |
~all | Applies a "soft fail" to email sent from an unlisted server — the email is tagged as suspicious but still delivered. |
Before you begin
- Sign in to your Hover control panel. You'll need access to your domain's DNS settings to add or remove records.
- Check for an existing SPF record. Since a domain can only have one, you'll want to update an existing record rather than add a second one.
Step 1: Add an SPF Record
- Sign in to your Hover control panel using your chosen method of two-factor authentication.
- From the domain's Overview page, choose the DNS tab.
- Select Add a record.
- Select TXT from the Type dropdown menu, and enter @ as the Hostname. For the Content, enter your SPF record — for example, the most widely used SPF record at Hover: v=spf1 include:_spf.hostedemail.com ~all
- Click Add record to save your changes.
Step 2: Remove an SPF Record
There may be times you need to remove an SPF record — for example, if you're replacing it with an updated one.
- From the domain's Overview page, choose the DNS tab.
- Locate the SPF record and select the green X to the far right of the record.
- In the pop-up, select Delete.
SPF Configuration Examples
Desired outcome | Example record |
|---|---|
Allow a single IPv4 address to send | v=spf1 ip4:204.200.197.197 -all — only mail from this address is delivered; all other servers bounce. |
Allow a range of IPv4 addresses to send | v=spf1 ip4:192.168.0.1/16 -all — allows mail from any address between 192.168.0.1 and 192.168.255.255. |
Allow a specific mail server to send | v=spf1 mx:mx1.domain.com -all — allows mail only from mx1.domain.com; all other servers bounce. |
Allow multiple sources in one record | v=spf1 a mx ip4:204.200.197.197 mx:mx1.domain.com -all — combines an IP address and a mail server as valid senders. |
Block the domain from sending any email | v=spf1 -all — all outgoing mail bounces back to the sender. |
Allow a single IPv6 address to send | v=spf1 ip6:1080::8:800:200C:417A -all — only mail from this IPv6 address is delivered. |
Allow a range of IPv6 addresses to send | v=spf1 ip6:1080::8:800:200C:417A/96 -all — allows mail from addresses between 1080::8:800:0000:0000 and 1080::8:800:FFFF:FFFF. |
Allow another domain to send on your behalf | v=spf1 include:anotherdomain.com -all — allows anotherdomain.com to send email for your domain. Note: anotherdomain.com must have its own valid SPF record for this to work. |
Next steps
- Add a DMARC record too. SPF works alongside DKIM and DMARC to fully protect your domain from spoofing — see Understanding Gmail, Microsoft, and Yahoo DMARC Requirements for Hover Email.
- Dealing with spoofed or undeliverable mail? See Email Spoofing and Undeliverable Notices.
Questions? Contact Hover Support.
How helpful was this article?
Thanks for your feedback!
Do you still need help? If so please submit a request here.