Definition
SPF Record
Sender Policy Framework, a DNS record that specifies which mail servers are authorized to send email on behalf of your domain, preventing unauthorized senders from forging your domain in email.
Why it matters in B2B outbound
SPF is the first layer of email authentication. Without it, any mail server in the world can send email claiming to be from your domain. Receiving servers have no way to verify authenticity, so they apply higher scrutiny to your messages — which hurts deliverability even when you're sending legitimately.
Setting up SPF is one of the fastest deliverability wins available: it takes 15-30 minutes to configure and has immediate impact on inbox placement. Most major email providers (Gmail, Outlook) check for SPF records as part of their filtering decisions. Failing SPF authentication increases the probability of spam placement, especially for cold outreach where you have no prior engagement with recipients.
SPF works in combination with DKIM and DMARC to form a complete authentication stack. SPF covers which servers are allowed to send; DKIM covers whether the message was tampered with in transit; DMARC covers what to do when either check fails. All three are needed for strong deliverability.
How it works
An SPF record is a TXT record added to your domain's DNS. It lists the IP addresses and domains authorized to send email on your behalf. A basic SPF record for Google Workspace looks like: v=spf1 include:_spf.google.com ~all. The ~all at the end means 'soft fail' — messages from unlisted servers are marked suspicious but not rejected. Use -all (hard fail) once you're confident all your legitimate sending sources are listed. Include every email service you send from (your ESP, your CRM, your support tool) or authentication will fail for those senders. DNS changes propagate in 1-48 hours.
Related terms
Need help with spf record?
Book a free 30-minute audit. We will show you exactly what to fix and how to fix it.
Book a free audit