We have noticed many common mistakes and misconfigurations in published SPF records. As there is no reporting when a recipient MTA rejects a record, these errors can be hard to notice and debug. Check your domain with DomainProactive to ensure your SPF record is configured correctly to maximize deliverability.
Multiple records: Some domains publish multiple TXT records containing SPF records. This is not permitted per §3.2 of RFC 7208. This is often the result of adding a record without realizing that one already exists. In such cases, the receiving MTA may evaluate the record not intended or fail to evaluate any of them.
ptrmechanism is deprecated and should not be used, per §5.5 of RFC 7208.
Specifying an IP address where a domain specification is expected: This is an easy mistake to make. Consider the record,
"v=spf1 +mx +ip4:18.104.22.168 +a:22.214.171.124 ~all". The administrator likely meant to use
aas the mechanism. The
amechanism expects a domain specification and not an IP address.
SPFtype: An earlier version of the SPF protocol used records of type SPF (RR type 99) in the DNS entry for a domain. This is deprecated per §14.1 of RFC 7208 in favor of putting the SPF record in a TXT record.