App StoreApp Store
Google PlayGoogle Play
Temp Mail Logo

Temp Mail safeguards your privacy while keeping your inbox free from spam.

📨 SPF · v=spf1 · include · ip4 · ip6 · -all · Lookup Count

SPF Record Checker

Free SPF record checker and validator. Look up any domain's SPF TXT record, parse all mechanisms, check the 10-lookup limit, and identify misconfigurations that can break email delivery.

✓ Live DNS lookup✓ All mechanisms parsed✓ 10-lookup limit check✓ Issue detection✓ No signup
📨
Enter a domain to check its SPF record
What this tool does

Free SPF record checker — validate SPF DNS records, parse mechanisms, and detect deliverability issues

How SPF records work and what this tool checks

This SPF record checker queries your domain's DNS TXT records for the SPF entry (the one starting with v=spf1) and parses every mechanism — ip4, ip6, include, mx, a, redirect, and all. It checks the DNS lookup count against the 10-lookup RFC limit, identifies dangerous configurations like +all, missing all mechanisms, and the deprecated ptr mechanism.

SPF is one of three email authentication standards (alongside DKIM and DMARC) that protect your domain from being used in phishing and spam campaigns. A misconfigured SPF record — particularly one that exceeds 10 DNS lookups — can cause legitimate email from your domain to be rejected or marked as spam. This tool makes it easy to catch these issues before they affect email deliverability.

Features and capabilities
Live Lookup
Queries DNS TXT records in real time using Cloudflare DoH.
Full Parse
Every mechanism (ip4, ip6, include, mx, a, redirect, all) shown separately.
10-Lookup Check
Counts DNS-resolving mechanisms and warns when approaching or exceeding the limit.
+all Warning
Flags the insecure +all mechanism that allows anyone to send as your domain.
Qualifier Display
Shows pass/fail/softfail/neutral qualifier for each mechanism.
Missing all
Warns if no all mechanism is present — required for proper SPF policy.
FAQ

Frequently asked questions about SPF records and email authentication

What is an SPF record?
SPF (Sender Policy Framework) is an email authentication mechanism that specifies which mail servers are authorised to send email on behalf of a domain. Published as a TXT record in DNS, it lists IP addresses, hostnames, or other domains that can legitimately send email from your domain. When a receiving mail server gets an email claiming to be from your domain, it checks your SPF record to verify the sender is authorised. SPF helps prevent email spoofing and improves deliverability.
What does -all vs ~all mean?
-all (hard fail) means any server not explicitly listed in the SPF record should be rejected. This is the strictest setting and the most secure. ~all (soft fail) means unlisted servers should be treated with suspicion but not necessarily rejected — the receiving server marks it as suspicious and may deliver it to spam. +all (pass all) means any server can send email as your domain — this is extremely insecure and should never be used. ?all (neutral) makes no recommendation.
What is the 10 DNS lookup limit?
The SPF specification limits evaluation to 10 DNS lookups. Each include:, a, mx, exists, ptr, and redirect mechanism counts as one lookup. If your SPF record causes more than 10 lookups, receivers return a PermError, which can cause email to be rejected. This is a common problem for organisations using multiple email services (marketing platform + CRM + helpdesk + transactional email) each adding their own include: mechanism. The fix is SPF flattening — replacing include: mechanisms with their resolved IP ranges.
Does SPF alone prevent email spoofing?
SPF alone is not sufficient to prevent spoofing. It only validates the envelope sender (the MAIL FROM address used during SMTP negotiation), not the From: header that users see in their email client. An attacker can craft an email where the envelope sender passes SPF but the visible From: header is your domain. DMARC addresses this by requiring alignment between the envelope sender and the From: header. You should deploy SPF, DKIM, and DMARC together for comprehensive anti-spoofing protection.
Related Email Tools
DMARC CheckerDKIM AnalyzerMX Record LookupSPF Flattening ToolEmail ValidatorAll Tools

Need a disposable email address?Get a free instant throwaway email — no signup, no trace.

Get Free Temp Mail →