Can I Have Multiple SPF Records on My Domain?

SPF Multiple SPF Records

Can you have multiple SPF records on a single domain? The answer is no: a domain MUST NOT have multiple SPF records, otherwise SPF fails with PermError.

An SPF record is a TXT record in the DNS starting exactly with "v=spf1", followed by an array of mechanisms and/or modifiers.

An SPF check starts by fetching all TXT records starting exactly with "v=spf1" on a domain:

  • if no such record is found, it returns None;
  • if multiple such records are found, it returns PermError.

For example, if you have 2 TXT records on

Record Type Name Value TTL
TXT v=spf1 -all Default
TXT v=spf1 -all Default

All emails sent on behalf of will fail SPF authentication with PermError.

In order to fix this, you need to add all the mechanisms that contain legitimate IP addresses in 1 SPF record, as shown below:

Record Type Name Value TTL
TXT v=spf1 -all Default

For SPF authentication to pass, all these conditions must be met:

Use Safe SPF to fix the SPF PermError: Too Many DNS Lookups issue.

You can use our free SPF record checker to check if your SPF record has any issues.

Monitoring SPF records

Now that the validity of SPF settings is crucial to SPF authentication success, you might want to receive alerts when an SPF setting is messed up, so that you can take action to fix it as soon as possible.

DMARCLY's domain monitoring feature allows you to do exactly that. In order to monitor your domain:

  1. log in to the dashboard;
  2. go to DNS Records => Domains, add your domain;
  3. go to Reporting and Alerts => DNS Alerts, create a recipient with your email.

From now on, if multiple SPF records are found on your domain, you will get an email notification that looks like below. Nice!

Multiple SPF Records on Domain Warning

Related posts:

Previous Post Next Post

 Protect Business Email & Improve Email Deliverability

Get a 14 day trial. No credit card required.

Create Account