What is SPF?
SPF stands for “Sender Policy Framework” and is an important spam protection procedure for sender authentication when sending emails.
SPF records are TXT records in a domain’s DNS settings, which define which servers can send emails for the domain’s mailboxes. The receiving server checks whether the received email comes from one of the authorized mail servers. If the SPF record information matches the sender information in the email, the email is delivered, otherwise, it is treated as spam and rejected.
The same applies to incoming emails, which our servers also check for existing SPF records. For example, if a Gmail sender sends an email via servers that are not authorized to send Gmail, the email will be rejected by our servers as spam.
If you want to use the SPF procedure, please create a corresponding record in your domain’s DNS settings in the “TXT” format with the content
"v=spf1 include:spf.routing.net -all".
You will find a complete overview of the SPF record syntax under SPF Record Syntax.
What is SPF and how to use it
SPF stands for Sender Policy Framework. It is an email authentication mechanism that helps receiving mail servers verify whether a mail server is authorized to send email on behalf of a specific domain. SPF records are published as TXT records in a domain’s DNS zone and list the mail servers permitted to send mail from that domain. If an incoming email fails SPF checks, many mail systems will mark it as spam or reject it.
For domains hosted through hosting.de, you can implement SPF by adding a DNS TXT record in the appropriate format so that your domain’s sent mail is authenticated by receiving servers.
How SPF works
SPF works during the SMTP transaction when the receiving mail server checks the DNS for your domain’s SPF record and evaluates whether the connecting mail server is authorized. It compares the sending server’s IP address against the list of authorized servers in the SPF record. If the connecting server is not included in the SPF policy, the mail may be treated as spam or rejected.
The SPF record begins with the version declaration v=spf1 followed by one or more mechanisms or qualifiers that define which hosts are allowed. A typical ending in the record is -all, which indicates that mail from any unauthorized host is not permitted.
Recommended SPF record format for hosting.de
To implement SPF for email services hosted with hosting.de, create a DNS TXT record in your domain’s DNS zone with this content:
v=spf1 include:spf.hosting.de -all
This record authorizes the mail servers of hosting.de to send email on behalf of your domain. When placing this text in your DNS settings, ensure you select TXT as the record type and enter the exact syntax above.
Using this format reduces the likelihood that messages sent from your domain will be treated as spam by many mail systems.
Why SPF matters for email delivery
SPF is an essential building block for reliable email delivery because it helps receiving servers verify whether mail claiming to come from your domain is legitimately sent by an authorized server. Without an SPF record, servers that receive your email cannot confirm the sending source and may classify it as suspicious.
Implementing SPF is especially important when:
- You use a third-party mail service to send messages (e.g., marketing tools or CRM systems). In that case, you must include those services in your SPF policy.
- You want to reduce the risk of spammers spoofing your domain to send phishing or fraudulent messages.
- You rely on good deliverability to large mail providers that enforce stricter authentication.
An SPF record alone does not guarantee delivery, but it significantly improves trust in your domain’s email.
Common SPF mistakes and how to avoid them
While SPF is relatively simple in concept, misconfigurations can still occur. The most common issues include:
- Multiple SPF records: Having more than one SPF TXT record for a domain can break validation. Only one SPF TXT record should exist.
- Too many DNS lookups: SPF policies with too many includes or mechanisms can exceed DNS lookup limits, causing SPF to fail.
- Missing third-party senders: If you use external services (for newsletters or CRM emails) but do not include them in your SPF record, those messages may fail SPF checks.
When editing SPF:
- Consolidate all authorized senders into a single record when possible.
- Use includes only when necessary and ensure they are valid.
- After publishing changes, use SPF validation tools or DNS checkers to confirm correct syntax and expected behavior.
Correct SPF configuration is a key step toward consistent email deliverability and security for your domain’s messages.