SPF
SPF stands for Sender Policy Framework. It is a specific DNS record that specifies the authorized email servers for a particular domain. This record is used by a receiving email server to help prevent spam and unauthorized email.
In addition to SPF records, DKIM and DMARC records help to validate and authenticate email.
SPF Record Format
All records must start with v=spf1 then you add additional clauses starting with ip4, ip6, or include. There are a few other types of clauses, however 99% of what you need will be with those 3 clauses. End the record with the all clause with a prefix of -, ~, +, or ?. I recommend -.
Example:
v=spf1 ip4=192.0.2.0 ip4=192.0.2.1 include:examplesender.email -all
SPF All Suffix
- -all (Fail): email from servers / IP addresses, not listed in the SPF record, should be rejected.
- ~all (SoftFail): emails from servers / IP addresses, not listed in the SPF record, should be accepted but marked
- +all (Pass): any servers can send emails on your domain’s behalf. We highly recommend not to use this option.
- ?all (Neutral): Interpreted as None / No policy. We highly recommend not to use this option.