SPF validation for your mail server

SPF (Sender Policy Framework) is a type of DNS record that allows email services to check if an email sent on behalf of your domain is authorized and legitimate. It is as simple as adding a TXT record in your DNS records.

For example, this indicates all your emails are sent from google apps. If any emails are sent outside of google apps, like a custom exchange server, then it is not legitimate.

TXT @ v=spf1 include:_spf.google.com -all

Another common example is AWS SES:

TXT @ v=spf1 include:amazonses.com -all

SPF record could point to an IP Address as well.

TXT @ v=spf1 ip4:10.10.10.10 -all

You can append multiple identities in a single record.

TXT @ v=spf1 ip4:10.10.10.10 include:_spf.google.com -all

To allow only your domain MX to send an email, add a record like the following:

TXT @ v=spf1 mx -all

If your domain sends no email at all, you can add a record like this:

TXT @ v=spf1 -all

Reference available here.

SPF validation for your mail server

Add SPF entry in your DNS records to authorize a mail server

Snippet Email SEO Security DNS