If you’ve read this far, you already know what Email SPF is and why set up your SPF should implement it.
Now, the big question is how to do it.
First, you should check out the following video. It’s a tutorial showing you how FPS works and how to quickly set it up.
If you need more details, you can check out the 2-step guide below.
But first, keep in mind that:
- It may take up to 48 hours before SPF Email Authentication starts working correctly.
- The field titles for the following actions may differ depending on your domain provider, as DNS TXT record headers vary between providers.
1) Log in to your DNS server
Simply connect to your hosting server and find the DNS control panel.
If you’re using Google Workspace, you can find the DNS control panel by accessing the Google Admin console and clicking the “Applications” tab.
From there, you can click the “Google Workspace” tab and then select “DNS” from the list of options.
Alternatively, you can simply search for “DNS” in the overseas dataoverseas dataGoogle Admin Console search bar to find the DNS control panel.
2) Create a new TXT record
Let’s walk through an email SPF record to better understand how it works. You can find an example in any DNS server’s TXT record:
This specific SPF email policy is configured so that marketing for architects: see a success story emails can only originate from 12.34.56, 78/28, and lagrowthmachine.com.
Anything else would result in being labeled as a soft failure to comply with SPF standards.
let’s analyze the SPF syntax with our given example:
- v=spf1: This detail specifies the version of SPF in use.
- If the domain has an A or AAAA record that correlates to its assigned IP address, it will be
- identified as a winning combination.
- IPv4 Code: Indicates that the subsequent IPv4 address is approved for sending messages.
- Here, 12.34.56.78/28 indicates the server that is mobile list allowed to send email messages,
- allowing all machines within the entire /28 subnet instead of a single IP address. Organizations with multiple mail servers or fully dedicated subnets gain immense benefits from this configuration; it also dramatically reduces lengthy email SPF records, so be sure to take advantage of this feature!
- ~everyone: An alternate server is also allowed to send emails on behalf of the domain. For example, this could include a third-party email marketing service provider. For any other email source not listed, label it as a soft fail in SPF and allow its emails to pass through.