DNS email hygiene tool
SPF Checker
Validate SPF records, follow include/redirect chains, count DNS lookups, and get actionable hardening advice before delivery failures happen.
Recursive include/redirect analysis
DNS lookup budget tracking
Best-practice risk checks
Domain quickstart
Overall Summary
Overall status
-
Domains inspected
0
DNS lookups
0
Stop reasons
0
Stop reasons
Inspection Timeline
No checks submitted yet.
What You Can Check
Validate your SPF setup before mailbox providers reject or flag outbound messages.
- Inspect include and redirect chains recursively
- Track DNS lookup budget against SPF limits
- Detect syntax, duplicate SPF, and recursion loop risks
If SPF Fails
Broken SPF can reduce deliverability and open abuse paths that harm your sending reputation.
- Legitimate emails may land in spam or get blocked
- Forwarders and third-party senders may fail alignment
- Too many lookups can trigger permanent SPF errors
When SPF Is Clean
A well-maintained SPF record supports trusted delivery and simplifies incident response.
- Mail servers can verify authorized senders faster
- Lower spoofing risk for your visible domain identity
- Stronger foundation for DMARC policy enforcement
Examples, Do's and Don'ts
Example Patterns
v=spf1 ip4:203.0.113.10 include:_spf.google.com -allv=spf1 mx include:mail.vendor.example ~all- One SPF TXT record per host/domain, not multiple SPF records
Do
- Keep includes current and remove unused senders
- Stay under SPF DNS lookup limits
- Retest after DNS or provider changes
Don't
- Publish multiple SPF records for the same domain
- Use broad
+allauthorization in production - Assume old includes still point to active providers