Utinzo

SPF Record Checker

Validate the SPF (Sender Policy Framework) record for any domain and understand its email authentication policy.

Did this tool work for you?

AdSense336 × 280
AdSense336 × 280

How to use this calculator

  1. 1

    Enter the domain name whose SPF record you want to check.

  2. 2

    Click "Check Now" to retrieve and parse the SPF record.

  3. 3

    The tool shows the policy, included domains, IP ranges, and the "all" mechanism.

  4. 4

    A "-all" (hard fail) policy offers the strongest protection.

AdSense · 728 × 90

Frequently asked questions

What is SPF and why do I need it?

SPF (Sender Policy Framework) is a DNS record that lists which mail servers are authorized to send email on behalf of your domain. Without SPF, anyone can forge email from your domain. Email receivers check SPF to decide whether to accept or reject messages.

What does -all vs ~all vs +all mean?

-all is a hard fail: mail from unauthorized servers should be rejected. ~all is a soft fail: mail from unauthorized servers should be marked suspicious but accepted. +all passes all senders — effectively no protection. ?all is neutral. Use -all for maximum security.

What is the 10 DNS lookup limit in SPF?

SPF allows at most 10 DNS lookups during validation (from include:, a:, mx:, exists: mechanisms). Exceeding this causes a "permerror" which may cause email to fail. If you have many email senders, consolidate using SPF flattening tools.

I use Google Workspace — what should my SPF look like?

For Google Workspace only: v=spf1 include:_spf.google.com ~all. If you also use other senders (e.g. Mailchimp, SendGrid), add their include: mechanisms before the ~all.

About spf record checker

SPF Record Checker — Validate your email authentication policy

How SPF prevents email spoofing

When a receiving server gets an email claiming to be from yourdomain.com, it queries DNS for yourdomain.com's SPF record, then checks whether the sending server's IP is listed. If not, the SPF check fails, and the receiver can reject or flag the message as spam.

Building a correct SPF record

Start with v=spf1. Add include: for each email service (Google, SendGrid, Mailchimp, etc.). Add ip4:/ip6: for any servers that send email directly. End with -all for hard fail or ~all for soft fail. Example: v=spf1 include:_spf.google.com include:sendgrid.net ip4:203.0.113.10 -all

SPF Record Checker – Utinzo

Learn more from an authoritative source:

MDN Web Docs
Related tools

JSON Formatter & Validator

Format, validate, and minify JSON — with clear error messages for invalid input.

Base64 Encoder / Decoder

Encode plain text to Base64 or decode Base64 strings back to readable text.

URL Encoder / Decoder

Encode special characters in URLs (percent-encoding) or decode percent-encoded URLs.

UUID Generator

Generate UUID v4 (random) identifiers — one or in bulk.

See all Developer Tools tools

Results are estimates for informational purposes only and do not constitute professional financial, medical, legal, or technical advice. Read full disclaimer →