Free Tool

Free SPF Record Checker

Validate SPF syntax, count nested DNS lookups (including 'include' chains), and catch the RFC 7208 10-lookup limit before it breaks your email.

How it works

Enter a domain

We query the root TXT records and find any record starting with v=spf1.

Recursively count lookups

Every 'include:' triggers a sub-lookup. We walk the chain and tally the total.

Get a clean verdict

Mechanisms, qualifiers, lookup count, and a list of issues — color-coded by severity.

Frequently asked questions

Why does the 10-lookup limit matter?+

RFC 7208 §4.6.4: if SPF resolution exceeds 10 DNS lookups, receivers must return permerror. That means your messages get treated as if SPF failed even when the record is fine in spirit.

I have multiple SPF records — is that bad?+

Yes. RFC 7208 requires exactly one. Multiple SPF records cause receivers to permerror. Merge them into a single record.

What's the difference between -all, ~all, and ?all?+

-all = hard fail (reject), ~all = soft fail (mark suspicious), ?all = neutral (no action). Use ~all while rolling out, -all in steady state. Never use +all.

What about 'redirect=' modifiers?+

redirect= replaces the current SPF policy with another domain's. We follow it and count its lookups too.

Building a SaaS that needs custom domains?

Domainee is the API for adding customer custom domains to your product. One CNAME, automatic TLS, no DevOps to staff.

Start for free Read the docs

50 custom domains and 100 GB bandwidth free, forever.

More free tools

SSL

Free SPF Record Checker

How it works

Enter a domain

Recursively count lookups

Get a clean verdict

Frequently asked questions

Building a SaaS that needs custom domains?

More free tools

Free SSL Certificate Checker

Free DNS Record Lookup

Free WHOIS Lookup

Free CNAME Lookup & Generator

Free HTTP Header Checker

Free DNS Propagation Checker