Setting up SPF


    Introduction

    Start here if you want to learn about how SPF, DKIM and DMARC work together.

    SPF lists the mail servers that your domain (and therefore you) approve of as senders. This means, for example, that an email recipient can check your domain's SPF record to see whether the email server in question is included there, or whether the email should be considered spam. SPF must be set up individually on every domain where you want to use it.

    Setting up SPF

    Log in to your DNS-manager and add a new DNS-record of the type "TXT" with the following content (this SPF-record is exclusively related to emails sent through the shop system):

    • Type: TXT
    • Hostname: (domain)
    • TTL: 3600
    • Text: v=spf1 include:spf.shopfactory.io -all

    Your record should look like this, but with your own domain instead of "domain":

    (domain)    TXT    3600    v=spf1 include:spf.shopfactory.io -all
    

    The string "spf.shopfactory.io" collects the addresses of the SMTP mail services that the shop system uses to send emails. If there are changes in an underlying system, we maintain the list so you don't have to change your DNS.

     

    Important

    The above example will only work if you use your domain exclusively for emails that are sent through the shop system. If you send through other mail servers (Exchange, mail-hotels, web-mail and/or an external newsletter system, etc.), you need to include these other systems in your SPF-record along with the string shown above. As you probably already have an SPF-record on your domain, a realistic example of an SPF-record that includes the mail server of the shop might look something like this:

    (domain)    TXT    3600    v=spf1 include:spf.protection.outlook.com include:mailgun.org include:spf.shopfactory.io -all
    

    In the example above, Office 365, HeyLoyalty (email marketing platform for newsletters) and the shop's mail server are included in the same SPF-record.

    Always make sure that your SPF record is 100% correct. If not, you risk that your outgoing emails won't be delivered (see link to an SPF-testing tool at the bottom of the article). Don't hesitate to contact our customer support if you have the least bit of doubt about this.

    Note: The maximum number of domain references in an SPF-record is 10, but it is possible to reference another SPF-record that counts for one reference, and in this way create room for more lookups (this is the technique used for the spf.shopfactory.io, for example). The number of IP-address references in an SPF-record is only limited by the maximum length of the TXT-record (255 characters).

    SPF syntax

    An SPF-record consists of certain tags that define how the content is interpreted. In the table below, we go through the tags from our example above:

    Tag    Purpose    Example
    v    Protocol version (required, must be specified in the beginning of the record)    v=spf1
    include:    Used to include a domain (without space after : )    include:spf.shopfactory.io
    all    Instructs the recipient about how to proceed if there isn't a match for your SPF-record (must be located at the end of the SPF-record).    -all

    The tag "all" can have the following prefixes: -, ~ and ?. The prefixes define how strictly the recipient should treat emails that do not match your SPF-record. With (-all), mails that do not match the SPF-record are not accepted; (~all) treats such emails as suspicious; and (?all) is a neutral recommendation that leaves the decision to the recipient server:

    Syntax Qualifier
    + Pass
    ? Neutral
    ~ Soft fail
    - Fail

    We recommend using the "-all" (Fail), so that emails sent from sources that are not included in the SPF record are rejected. When using the (Fail) mechanism, you need to make sure that you have your SPF set up correctly so that it includes all the mail services that are used with the domain in question.
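
    The rules from the "Important" section and the syntax table above, as an added example that is not part of the shop system or its tooling: it checks one SPF TXT value and merges a new include: into an existing record instead of creating a second one. The function names are hypothetical, the two limits are the ones stated in this article, and nothing is looked up in DNS.

```python
# Added example: lint an SPF TXT value against the rules in this article and
# merge a new include: into an existing record.
QUALIFIERS = {"+": "Pass", "?": "Neutral", "~": "Soft fail", "-": "Fail"}
MAX_REFERENCES = 10   # limit on domain references, as stated in the article
MAX_TXT_LENGTH = 255  # TXT-record length limit, as stated in the article


def lint_spf(record):
    """Return a list of problems found in one SPF TXT value (empty = OK)."""
    terms = record.split()
    problems = []
    if not terms or terms[0] != "v=spf1":
        problems.append("record must start with v=spf1")
    if "include:" in terms:  # "include: domain" splits into two terms
        problems.append("space after 'include:'")
    alls = [i for i, t in enumerate(terms) if t.lstrip("+?~-") == "all"]
    if len(alls) != 1 or alls[0] != len(terms) - 1:
        problems.append("exactly one 'all' is required, as the last term")
    elif terms[-1] != "-all":
        q = terms[-1][0] if terms[-1][0] in QUALIFIERS else "+"
        problems.append(f"'{terms[-1]}' means {QUALIFIERS[q]}; the article recommends -all")
    if sum(t.startswith("include:") for t in terms) > MAX_REFERENCES:
        problems.append("more than 10 domain references")
    if len(record) > MAX_TXT_LENGTH:
        problems.append("record is longer than 255 characters")
    return problems


def add_include(record, domain):
    """Insert include:<domain> before the final 'all' term, without duplicates."""
    terms = record.split()
    new = f"include:{domain}"
    if new in terms:
        return record
    if terms and terms[-1].lstrip("+?~-") == "all":
        return " ".join(terms[:-1] + [new, terms[-1]])
    return " ".join(terms + [new])


if __name__ == "__main__":
    # Constructed sample: an existing record that does not yet cover the shop.
    existing = "v=spf1 include:spf.protection.outlook.com include:mailgun.org ~all"
    merged = add_include(existing, "spf.shopfactory.io")
    print(merged)
    for problem in lint_spf(merged):
        print("warning:", problem)
```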

    You can read more about the different tags and their function here:

    What does SPF mean?

    The abbreviation "SPF" stands for "Sender Policy Framework" and is a list of approved "host-names" and "IP-addresses" that can send requests on behalf of your domain. You can find the specification here.

    Good to know

    Below are examples of standard SPF-records for the different providers we represent. The records work as an extended version of spf.shopfactory.io (see the section "SPF"). The below records include all mail-services (Exchange, mail-hotel, web-mail and the shop system's SMTP server, etc.) that we offer through our different providers. However, it may be necessary to use spf.shopfactory.io if you already have a very large SPF record and want to limit the number of lookups.

    • DanDomain:
      v=spf1 include:spf.dandomain.dk -all
    • ScanNet:
      v=spf1 include:spf.scannet.dk -all
    • Wannafind:
      v=spf1 include:spf.wannafind.dk -all

    Note: The above records are based on the assumption that you only send emails through the servers of the listed providers (this includes the order status emails of the respective shop systems). If you send through other mail servers (e.g. your internet service provider or other newsletter service), you must add these addresses to your SPF record. Always make sure that your SPF record is 100% correct, otherwise you risk that your outgoing emails won't be delivered. You can use a test tool for this purpose (see links below).

    Useful links