Are you looking for an easy way to merge multiple SPF records? Stay tuned! As we are going to show you exactly how to do it the right way.

multiple spf records

SPF (Sender Policy Framework) record is a type of DNS (Domain Name System) TXT record that tells the ESPs (Email Service Providers) which server is authorized to send emails on behalf of your domain.

If you run a big business, you probably rely on more than one email service, which forces you to have multiple SPF records. That’s where you need to merge all the SPF records into one because the DNS zone of any domain doesn’t allow multiple SPF records for one domain.

In this article, we will show you how to check and merge multiple SPF records. But before diving into the nitty gritty, let’s look at why having multiple SPF records for a domain is a problem in the first place.

Why Having Multiple SPF Records for One Domain is a Problem?

You might be wondering, can there be multiple SPF records for a domain? 

The simple answer is No. Because if a domain has more than one SPF record, the ESPs will return your emails with an error called “PermError” and ignore all the SPF records. This means that your emails haven’t passed the SPF authentication process.

Ultimately, you will experience lower email deliverability, and even your domain might get banned. Therefore, checking if you have multiple SPF records for your domain and merging them into one is important.

How to Check for Multiple SPF Records

To check if you have multiple SPF records for one domain, you can use an online tool such as MXToolbox. This tool will query the DNS for your domain and display all the TXT records that contain an SPF record.

To use this tool, simply enter your domain name in the “Domain Name” field and click on “SPF Record Lookup.”

You will see a list of TXT records that contain an SPF record. If you see more than one TXT record that starts with “v=spf1”, it means that you have multiple SPF records for your domain.

As you can see, there are two TXT records that start with “v=spf1”. The first one is the default SPF record provided by the web hosting company. The second one is the custom SPF record added by the domain owner.

If you are wondering how to resolve multiple SPF records?, Don’t worry!

To resolve this issue, you need to combine the two SPF records within the DNS records section, which is typically managed by your domain registrar or the web hosting company you have chosen, especially if you have purchased your domain and hosting together as a package.

How to Merge Multiple SPF Records [Step-by-Step]

The following is an easy step-by-step process that you can follow to merge multiple SPF TXT records into one.

Step#1: Identify and Compile All Authorized IPs and Domains

To set up a single SPF record that precisely represents all the sources that are authorized to send emails on behalf of your domain. You need to prepare a list of all the IP addresses and domain names.

To get this data, go to the DNS settings of your domain using your web hosting account or domain name registrar account. In this example, we are considering Cloudflare.

To begin, you’ll need to log in, select your domain, and click the “DNS” menu button.

You will see a list of your entire DNS. To find duplicates, look for only TXT records. Note each SPF record first, then click the “Edit” button, followed by “Delete” to delete that SPF record.

Warning: Don’t delete all the SPF records. Instead, keep one so that you can merge all your SPF records.

Step#2: Create and Update a New SPF Record

Before you begin creating a merged SPF record, you should know that each SPF record has three main sections: 

  • Declaration: An SPF record always starts with “v=spf1” (it appears only at the start and doesn’t repeat within the rule).
  • Allowed IPs and Domains: Use “include” to add a domain and specify “ip4” or “ip6” for IPs.
  • Enforcement rule: Conclude the record with the “~all” statement( use it only once at the end).

After merging all the SPF rules, the combined record will look like this:

v=spf1 ip4:192.158.234.102 include:emailsrvr.com ~all

Add the merged SPF record in the “Content” field and hit the “Save” button.

Important Note: Remember, an SPF record has limitations: up to 10 domain lookups (e.g., include) and a maximum length of 255 characters per statement.

Step#3: Verify The New Merged Multiple SPF Record

Verify the updation of the merged SPF record to ensure that the new SPF record is working. DNS modifications may take up to 48 hours to become effective, but Cloudflare changes are usually effective in a matter of minutes.

After waiting for a while, you can use MXToolbox to verify the update of your SPF record.

 If updated correctly, you’ll see something like this;

Congratulations! You have now resolved the issue of multiple SPF records for your domain.

To Wrap Up

Email domain authentication is key to ensuring better email delivery. However, having multiple SPF records for a single domain can cause authentication errors, negatively impacting your email deliverability.

That’s why knowing how to merge multiple SPF records will ensure the deliverability of your emails, even if you’re sending them from multiple domains.

Hopefully, you found our blog helpful, and if you are using Post SMTP and have any difficulties regarding email deliverability or configuration issues, please feel free to contact us for expert assistance.

We would be happy to assist you!

Frequently Asked Questions

What is the maximum number of SPF entries?

An SPF record can only perform up to 10 DNS lookups with a maximum of 255 character string limit (SPF Record Statement). So, if you exceed this limit, your SPF record may cause a PermError and fail to authenticate your emails.

Does SPF apply to subdomains?

Yes, SPF applies to subdomains as well as root domains. However, subdomains do not inherit the SPF record of their parent domain by default. You have to create a separate SPF record for each subdomain and publish it in your DNS zone record.

What happens if you have more than 10 SPF records?

If you have more than 10 SPF records for one domain, you will encounter a PermError because the email service provider will not authenticate your emails or might mark them as spam.

Do SPF records expire?

No, SPF records do not expire unless you delete them from your DNS zone file. However, you may need to update your SPF record occasionally if you change your email sources or add new ones.

What is the length of an SPF record?

The length of an SPF record has a limit of 255 characters. If you exceed this limit, the SPF authentication will fail.

Does SPF include IP and domain?

Yes, SPF includes both IP addresses and domains as mechanisms to specify which servers are authorized to send emails on behalf of your domain. You can use the ip4 or ip6 mechanisms to add an IP address and the “include” mechanism to add a domain to your SPF record.