LogoSimply SendDOCS
    GuideDomain VerificationSPF

    SPF Configuration

    SPF (Sender Policy Framework) is a DNS record that prevents spammers from sending emails using your domain (yourdomain.com).

    Overview

    Sender Policy Framework (SPF) is an email authentication standard that lists the specific servers and IP addresses authorized to send emails on behalf of your domain name.

    Why It's Needed

    When an email is sent from your domain, the recipient's mail server checks your SPF record to verify if the sending server is authorized by you. If the server is not on the list, the email may fail authentication and be marked as spam or rejected entirely. Adding this record tells receiving servers that Simply Send is officially authorized to deliver emails for you, preventing them from being flagged as spoofed spam.

    Step 1: Retrieve Your SPF Record

    Log in to Simply Send, go to the Domains page, select your domain, and navigate to the DNS Records page. Under the Email Authentication section, you will find your pre-generated SPF record.

    Step 2: DNS Record Specifications

    You must add or update a TXT record with your DNS provider (e.g., Cloudflare, Route53, GoDaddy) using these exact details:

    Record TypeHost / NameValue / ContentTTLVerification Status
    TXTyourdomain.comv=spf1 include:amazonses.com include:rp.oracleemaildelivery.com ~allAuto / 1 hourMandatory

    Step 3: Configuration Guide & Critical Considerations

    Before adding any new records, you must verify if you already have an SPF record. Log in to your DNS provider and check your existing TXT records on the root domain (usually denoted by @ or left blank). Look for any record that begins exactly with v=spf1. Depending on what you find, follow one of the scenarios below:

    Verification Tip: Not sure if you have an SPF record? You can enter your domain on MxToolbox or open your computer's terminal and type dig TXT yourdomain.com to check.

    AScenario A: You do not have an existing SPF record

    Add a brand new TXT record containing the exact value provided in your dashboard:

    v=spf1 include:amazonses.com include:rp.oracleemaildelivery.com ~all

    BScenario B: You already have an existing SPF record

    Do not create a second SPF record! Doing so will cause both to fail. Instead, edit your existing record and insert the Simply Send requirements (include:amazonses.com include:rp.oracleemaildelivery.com) right before the final ~all or -all tag.

    v=spf1 include:_spf.google.com include:amazonses.com include:rp.oracleemaildelivery.com ~all

    Important Rules for Merging Email Services

    You can only have one SPF record per domain. If you use multiple email delivery services (e.g., Simply Send and Google Workspace or Microsoft 365), you must combine them into a single record.

    Example Combined Record:

    v=spf1 include:amazonses.com include:rp.oracleemaildelivery.com include:_spf.google.com ~all

    Multiple SPF Records Fail

    Having two separate TXT records starting with `v=spf1` will cause permanent authentication failures (PermError) for receiving mail servers.

    10 DNS Lookups Limit

    The SPF protocol limits records to 10 nested DNS lookups. Combining too many `include:` statements from different services will break verification.

    Step 4: Verify and Activate

    Wait for Propagation

    DNS changes can take anywhere from a few minutes to 24 hours to update globally across all DNS servers.

    Enable in Console

    Once your DNS propagation completes, click "Verify" in your Simply Send dashboard to activate the authentication status.

    Next Step: Digital Signatures (DKIM)

    Encrypt your email headers with DKIM to ensure messages are not tampered with during transit.

    Configure DKIM