Skip to main content

How to Merge Multiple SPF Records

Merging SPF records

If you use several services to send emails, then you may need to modify an existing SPF record in order to avoid ending up in the recipients' spam filters. This is done through the DNS widget in the Dashboard.

Dissecting the default SPF record
First, let's have a look at the default SPF record:

v=spf1 include:spf.smartengage.com -all
The first part, "v=spf1", is used to specify that the record in question is an SPF record.

The second, "include:smartengage.com" tells the recipients to include the SPF setup on the domain spf.surf-town.net. We use this domain to list our various email services so that you won't have to worry about which servers that are used to send email.

The third part, "-all", specifies that unauthorized emails should be discarded. One can also use "~all", a less strict variant of "-all", or "?all" if one wants to let the recipients decide what to do with unauthorized emails. We recommend you use "-all" unless you have a specific reason for not doing so.

Now, assume we have the following records:

v=spf1 ip4:144.217.88.91 include:nfye.smartengage.com -all
And
v=spf1 include:spf.protection.outlook.com -all

The first, is SmartEngage's default SPF record, the second is the SPF record for another provider such as outlook. If you use another provider for things like receiving email and sending via their interface; this is why this record exists.

In the example above, the first and last parts of the two records are identical. Thus, we simply need to add the middle part of the second record, to the default record:

v=spf1 ip4:144.217.88.91 include:nfye.smartengage.com include:spf.protection.outlook.com -all

Please note, that if the last part, "-all", differ, then you can only select one of them. You cannot have two declarations for all in one SPF record.

Adding the new SPF record
-Remember that only 1 SPF record should exist in your DNS settings so delete the old one and ensure you have just 1 master SPF record which follows the above example.

Due to the way DNS records are cached, it may take somewhere between one 1-24 hours before the new record is visible to the recipients.