Multiple SPF records - Authorize senders with SPF

Multiple SPF records are not recommended and may cause delivery and spam classification issues. According to RFC specs, a domain name must not have multiple records that would cause an authorization check to select more than one record.

If you need to authorize more than one mail server for your domain, we recommend that you update your existing SPF record instead of creating multiple records.


v=spf1 ip4: ~all
v=spf1 ~all

This text will cause the SPF check to fail because there are multiple records. Instead, add the mail server's IP address before the ~all argument using the format ip4:address or ip6:address to add the server to your existing SPF record:

v=spf1 ip4: ~all

Above are entered into the zone record by way of a TXT record and above would allow the IP shown + and 

An example of a TXT Record: 

IN"v=spf1 -all"

For more details on the SPF format, see Sender Policy Framework

* You may review the following alternative method of resolution: 

Please note the sender has to have a valid SPF to allow relay, we always check SPF in the filters when relaying.
To avoid this trigger please either create an SPF for the sender domain in the DNS (as noted above) or add the sender IP/domain to the SPF skip.

To add the IP/domain to the skip list go to the recipient domain> Filter Settings> "Manage list of and IP..." and add the entry to this menu.

- Note we do not suggest you use the 2nd method of adding the domain to the SPF skip list, rather use the 1st method of adding the domain by way of the include: and the sending domain, however if your confident about the domain, you could add to the skip list if you choose. 

An SPF record is a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain.

Feedback and Knowledge Base