MoovMail logo|Documentation

SPF Configuration

SPF (Sender Policy Framework) prevents email spoofing by specifying which mail servers can send email on behalf of your domain.

🛡️ What is SPF?

SPF is like a whitelist of approved senders for your domain. When someone receives an email from your domain, their email server checks the SPF record to verify the email came from an authorized server.

Without SPF: Spammers can easily forge emails from your domain.
With SPF: Only authorized servers can send emails, protecting your reputation.

Required SPF Record for MoovMail

SPF TXT Record

Type:TXT
Name/Host:@ (root domain)
Value:v=spf1 include:_spf.moovmail.com ~all
TTL:3600 (1 hour)

Understanding the SPF Record

Let's break down what each part means:

v=spf1

Declares this is an SPF version 1 record

include:_spf.moovmail.com

Authorizes MoovMail servers to send email on your behalf. This includes all IP addresses listed in MoovMail' SPF record.

~all

Soft fail: Emails from unauthorized servers should be marked as suspicious but not rejected. This is recommended during initial setup.

SPF Policy Mechanisms

The ending mechanism determines what happens to emails from unauthorized servers:

MechanismMeaningRecommendation
~allSoft fail - Mark as suspicious✅ Recommended for initial setup
-allHard fail - Reject the email⚠️ Use after testing (stricter)
?allNeutral - No policy❌ Not recommended
+allPass - Allow all❌ Never use (defeats purpose)

Step-by-Step Setup

Step 1: Check for Existing SPF Record

Before adding an SPF record, check if you already have one:

  1. Go to your DNS management panel
  2. Look for existing TXT records on your root domain (@)
  3. Search for records starting with v=spf1

⚠️ Important: You can only have ONE SPF record per domain. If you already have an SPF record (e.g., for another email service), you need to merge them, not create a second one.

Step 2: Add or Merge SPF Record

If you have NO existing SPF record:

  1. Click "Add Record" in your DNS panel
  2. Select type: TXT
  3. Name/Host: @ (or leave blank)
  4. Value: v=spf1 include:_spf.moovmail.com ~all
  5. TTL: 3600
  6. Save the record

If you HAVE an existing SPF record:

You need to add MoovMail to your existing SPF record. For example:

Before (existing SPF):

v=spf1 include:_spf.google.com ~all

After (merged SPF):

v=spf1 include:_spf.google.com include:_spf.moovmail.com ~all

Simply insert include:_spf.moovmail.com before the ~all part.

Common SPF Scenarios

Migrating from Gmail

If currently using Gmail:

v=spf1 include:_spf.google.com include:_spf.moovmail.com ~all

Migrating from Outlook/Office 365

If currently using Microsoft:

v=spf1 include:spf.protection.outlook.com include:_spf.moovmail.com ~all

Using Multiple Services

If you have multiple email services:

v=spf1 include:_spf.google.com include:_spf.moovmail.com include:servers.mcsv.net ~all

⚠️ SPF Lookup Limit: SPF has a limit of 10 DNS lookups. If you include too many services, SPF may fail. Keep it under 10 include: statements.

Verification

Using MoovMail Dashboard

  1. Go to your MoovMail dashboard
  2. Navigate to DNS Setup
  3. Click "Check DNS Records"
  4. Wait for SPF verification (may take a few minutes)

Using Online Tools

  1. Visit MXToolbox SPF Check
  2. Enter your domain name
  3. Verify the SPF record is found
  4. Check that it includes _spf.moovmail.com

Using Command Line

Windows (Command Prompt):

nslookup -type=txt yourcompany.com

Mac/Linux (Terminal):

dig yourcompany.com TXT | grep spf

Troubleshooting

SPF Record Not Found

  • Wait 1-2 hours for DNS propagation
  • Check you added it as a TXT record (not SPF type)
  • Verify the Name/Host is @ (root domain)
  • Ensure no typos in the value

Multiple SPF Records Error

If you see an error about multiple SPF records:

  • Find all TXT records starting with v=spf1
  • Merge them into ONE record
  • Delete the extra SPF records

SPF Too Long Error

SPF records have a 255-character limit for a single string:

  • Remove unnecessary include: statements
  • Use IP addresses instead of includes where possible
  • Contact support for help optimizing your SPF record

Best Practices

  • ✅ Start with ~all (soft fail) during testing
  • ✅ Switch to -all (hard fail) after confirming everything works
  • ✅ Keep your SPF record under 10 DNS lookups
  • ✅ Regularly review and clean up unused services
  • ✅ Test email delivery after making changes
  • ❌ Never use +all or ?all
  • ❌ Don't create multiple SPF records

Next Steps

After configuring SPF:

Need Help?

SPF configuration can be tricky, especially when merging with existing records. Our support team can help you get it right.