PlainDMARC

Free SPF Record Checker — plain-English results

Enter a domain to see its SPF record explained mechanism by mechanism, with a check against the SPF 10-lookup limit. No signup required.

Runs entirely in your browser using public DNS-over-HTTPS. We never store your query.

Get a plain-English weekly email watching all your domains — join the PlainDMARC waitlist.

Join the PlainDMARC waitlist

✅ SPF is only one of three. Now check your DMARC record →

Frequently asked questions

What is SPF?

SPF (Sender Policy Framework) is a DNS TXT record that lists which mail servers are allowed to send email using your domain. When a receiving server gets a message claiming to be from you, it checks your SPF record to decide whether the sending server is authorized. It helps stop spammers from forging your domain in the "envelope" sender address.

Why does the 10-lookup limit matter?

Evaluating SPF may require DNS lookups for mechanisms like include, a, mx, ptr, exists, and redirect. The specification caps this at 10 lookups. Go over and receivers return a "permerror" — which usually means legitimate mail fails SPF entirely. Many people hit the limit by chaining several vendor include: statements, so it is worth counting.

SPF vs DKIM vs DMARC — what's the difference?

SPF authorizes which servers may send for your domain. DKIM adds a cryptographic signature that proves a message wasn't tampered with in transit. DMARC ties SPF and DKIM to the visible "From" address and tells receivers what to do when checks fail — plus it sends you reports. You generally want all three, and DMARC is the one that gives you visibility. That's what PlainDMARC monitors for you in plain English.