Skip to contentSkip to navigationSkip to topbar
Twilio SendGrid Docs
Page tools
On this page
Looking for more inspiration?Visit the

Sender Policy Framework (SPF)

Internet Security, Internet Standard. An email authentication standard that sets which servers can send email from their domain. RFC 7208(link takes you to an external page) defines this standard.

Sender Policy Framework (SPF) lets domains specify which servers they authorized to send email on their behalf. Receiving hosts can confirm this authorization.

The SPF uses the existing DNS infrastructure. The sending email server adds a TXT record(link takes you to an external page) to their DNS. This record contains a list of the IP addresses of email servers authorized to send email messages for that domain.

When the administrator of a receiving email server turns on SPF checks, each incoming message triggers a DNS lookup for an SPF record on the sending email server's DNS. The receiving server then tries to find the IP address of the sending server in the allowed list of IP addresses in the SPF record. If it finds a match, the email message passes and gets delivered to the recipient's inbox. If it doesn't find a match, the email message gets processed according to the receiving server's DMARC policy.

Most large inbox providers have an active SPF policy. While Twilio turns on SPF for all email on all IP addresses, you must configure domain authentication first.