SPF Checker
Check SPF (Sender Policy Framework) records for email authentication. Validates syntax, counts DNS lookups, detects services, and provides best practice recommendations.
Login Required
Sign in with Google to check SPF records. While you wait, explore our VPS benchmarks or browse other tools.
Onidel Cloud VPS
Performance-first cloud hosting for teams that need consistent benchmarks and transparent pricing.
- 99.99% uptime SLA
- Proven availability for critical workloads
- Plans from $4.95/month
- Predictable pricing and simple scaling
- AMD EPYC + NVMe stack
- Modern hardware with built-in DDoS protection
- 5 global regions
- Singapore, Sydney, Amsterdam, Ho Chi Minh City, more coming soon
Ideal for: demanding SaaS workloads, managed hosting agencies, and teams migrating off legacy VPS providers.
Launch faster with concierge onboarding
Start 14-day TrialRelated Email Security Tools
VPS Platform Resources
Frequently Asked Questions
What is SPF and why is it important?
SPF (Sender Policy Framework) is an email authentication protocol that specifies which mail servers are authorized to send emails on behalf of your domain. It works together with DMARC and DKIM to prevent email spoofing and improve deliverability. Proper SPF configuration verified through DNS Lookup ensures your legitimate emails reach recipients' inboxes.
How do I fix DNS lookup limit issues?
SPF records are limited to 10 DNS lookups per RFC 7208. If you exceed this limit, use mechanisms like ip4/ip6 instead of include where possible, flatten include chains, or use SPF flattening services. Always verify changes with our SPF Checker and check overall DNS configuration to ensure proper propagation.
What does "PermError" mean in SPF checks?
PermError (Permanent Error) indicates a fatal SPF configuration issue, such as having multiple SPF records, exceeding 10 DNS lookups, or syntax errors. This causes ALL emails to fail SPF authentication. Use our tool to identify the specific issue, and complement with Blacklist Checker to monitor your domain's email reputation.
Should I use ~all or -all in my SPF record?
Use ~all (SoftFail) during testing and -all (Fail) for production once verified. -all provides stronger protection against spoofing but rejects unauthorized emails, while ~all marks them as suspicious. Always test with DMARC in monitoring mode first, and verify your domain setup with WHOIS Lookup to ensure proper DNS management.
VPS Platform
Email Security Tools
About & Support
About SPF Checker
SPF (Sender Policy Framework) authenticates email senders by specifying authorized mail servers. This comprehensive tool validates syntax, counts DNS lookups (max 10 per RFC 7208), detects third-party services, resolves include chains, and provides best practice recommendations. Proper SPF configuration prevents email spoofing and improves deliverability.
Tool Spotlight
SPF Checker - Validate Sender Policy Framework Records
Check SPF records for email authentication, validate syntax, count DNS lookups, and review best-practice recommendations. Pair it with DMARC Lookup and DNS Lookup for a fuller mail-auth audit.
Key Features
- SPF record validation
- DNS lookup counter (10 lookup limit)
- Third-party service detection
- Syntax error detection
- Best practice recommendations
Use Cases
- Email authentication setup
- SPF record optimization
- Email deliverability fix
- Domain security hardening
