With our SPF generator, you can check the SPF settings you have already made and prepare your domain for the use of the Sender Policy Framework. Upgrade your domain with such an entry today and ensure that your emails comply with current standards and are properly accepted by the recipient.
The SPF (Sender Policy Framework, formerly also Sender Permitted From) is a spam protection method used for sender authentication.
Additional information is stored in the DNS records of a domain in the form of special TXT records, so-called SPF records. These additional SPF records in the DNS contain detailed information about the sending mail servers.
The receiving mail server then has the possibility to check via the SPF record of the domain whether the received email originates from an authorised mail server or from an unauthorised server. In the latter case, the email can be identified via the SPF spam protection and declared as SPAM.
As already described, the SPF entry serves to identify senders and thus enables another level of security checking and spam protection.
Since SPF is already an industry standard, receiving mail servers and also anti-spam services such as EuropeanMX perform a corresponding SPF check.
Without an SPF record in place, your valid email may also be rejected by the recipient in the very first stage.
By setting up an SPF record, you identify your messages as valid and ensure that the recipient will accept them.
Each SPF entry must first begin with the version number used. The parameter "v" is used here, which stands for the version number.
The current version always begins with "v=spf1".
This is followed by the details of the valid IP addresses from which e-mail messages may be sent. The entry of an IP address is done by specifying the version (IPv4 / IPv6), followed by the IP address with subnet mask.
For example: ip4:192.168.2.1/24
The entry is then concluded with the parameter -all, which defines that all senders not listed are not authorised to send e-mail messages via this domain. A simple, but valid and efficient SPF entry would then look like this:
v=spf1 ip4:192.168.2.1/24 -all
Of course, there are other ways to formulate the SPF entry. Below we have listed some expressions that define the SPF entry and are evaluated in the order from front to back.
The majority of the expressions are so-called directives. These define the authorisation of the sender and consist of an optional qualifier and a so-called mechanism.
| Qualifier | Result code | Description |
|---|---|---|
| + | Pass | the directive defines authorized transmitter; this is the standard, i.e. if no qualifier is specified, + is assumed |
| - | Fail | the directive defines unauthorized senders |
| ~ | SoftFail | the directive defines unauthorized senders, but the recipient should treat this failure generously; this qualifier is for testing purposes |
? | Neutral | the directive defines channels whose legitimacy is not to be stated; The transmitter must be accepted. |
| Mechanism | Directive applies if... |
|---|---|
| all | always |
| a | an A (or AAAA) record of the polled (or explicitly specified) domain contains the IP address of the sender |
| mx | an MX record of the polled (or explicitly specified) domain contains the IP address of the sender |
| ip4 | the specified IPv4 address is the IP address of the sender or the specified IPv4 subnet contains it |
| include | an additional SPF request for the domain specified in the include statement contains the IP address of the sender |
In order to authorise our cloud to send your messages, you must enter the following SPF record in the DNS settings of your domain. Go to the DNS settings of your domain and create a TXT record with the following value:
v=spf1 include:spf.europeanmx.eu -all
If you use other mail servers for sending e-mails, you can simply add a:your.mailserver.com to the record.
By using an SPF record, you basically ensure that your messages are considered valid and that third parties have no direct possibility to send e-mail messages via your domain.
However, if the SPF record in the DNS is not up-to-date, this can quickly lead to problems with delivery. The methods DMARC and DKIM are used to protect against this.
Forwarding can also lead to problems with an active SPF record if the forwarding mail server is not entered in the SPF record.
To anticipate this problem, the DKIM signature is used. The advantage here is that with a DKIM check, forwarded e-mails can also be checked. If an SPF check fails, the DKIM signature can be used to prove that the message is legitimate and can be accepted by the recipient.
The use of DMARC then makes it possible to define measures that will be taken if the SPF and DKIM check fails. For example, it can be determined whether such a message should be accepted anyway, rejected directly or moved to the quarantine.
No problem at all. Simply use our SPF generator at the top of this page to generate a suitable SPF entry for your domain or to check an existing record.
To do this, simply enter the name of your domain in the field and click "Start".
EuropeanMX will check the DNS records of the domain and show the mail servers and IP addresses already stored. Please define whether the server found is allowed to send e-mails or not. You can also define whether the servers stored in the MX records of the domain are allowed to send messages, whether sub-domains are allowed to send e-mails and how servers that are not stored in the SPF record are to be handled.
The advanced settings offer you the option of storing additional web and mail servers as well as IP addresses.
You can also specify that SPF entries of other domains are used.
Caution: If (and only if) an SPF entry already exists for another host name, this can also be evaluated. This is the case, for example, if the mail is sent via the servers of an external provider and their settings are to be adopted.
In the "Result" field, the SPF Generator shows you the SPF entry live, which you can then easily copy and store in the DNS of your domain.
Do you have any questions about SPF and the creation of a record? Contact us, we will be happy to help you!
English
Deutsch
Arabic
Armenian
Bosnian
Bulgarian
Croatian
Czech
Dutch
Estonian
Finnish
French
Georgian
Greek
Icelandic
Italian
Latvian
Lithuanian
Luxembourgish
Macedonian
Norwegian
Polish
Portuguese
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Turkish
Ukrainian