Sender Policy Framework (SPF), is an email authentication method that synchronizes with the Domain Name System. SPF is a type of DNS TXT record listing the IP addresses permitted to send emails from a specific domain.
What is Cloudflare? Cloudflare is a content delivery network (CDN) and distributed DNS (Domain Name System) service operated by Cloudflare, Inc. It provides a global CDN with a focus on security and performance. Cloudflare’s services include a website’s visitor and the Cloudflare user’s hosting provider, acting as a reverse proxy for websites.
Cloudflare was launched in 2009 by Matthew Prince, Lee Holloway, and Michelle Zatlyn, who had previously worked together on Project Honey Pot.
To improve email deliverability and mitigate phishing, spoofing, and spamming, you need to implement SPF with DKIM and DMARC.
How to Add SPF Record to Cloudflare
Adding an SPF record to your Cloudflare DNS settings will help to ensure that emails sent from your domain are not marked as spam.
How to Generate an SPF Record?
To create an SPF record, you need to define what sources you will use for sending emails on behalf of your domain and identify all those sources in your SPF record.
To allow only one specific server to send emails on behalf of your domain, then specify that server’s IP address in your SPF record. In case of allowing only the server with IP address 1.2.3.4 to send emails on behalf of your domain, then your SPF record would look like this:
v=spf1 ip4:1.2.3.4 ~all
Here are some steps on how to add SPF record in Cloudflare:
Step 1. Add the SPF Record to Your Cloudflare account
- Log in to your Cloudflare account
- Click on your domain field
- Head to the DNS section
- Click “Add” Record
Step 2. Add your SPF Type, Host, and Content
- In the DNS section, find the Type, Name (required), and Content (required) fields
- Fill in the fields, as shown in the screenshot below
Here’s an example of a case, where we whitelisted Zoho’s SPF in our DNS zone.
| Type | Host | Content |
| TXT Record | @ | v=spf1 include:zoho.com ~all |
Step 3. Add the IPs in the Same SPF Record
If you’re using sources that only have an IP address you can add IPs in SPF record.
Here’s an example on how to fill it:
| Type | Host | Content |
| TXT Record | @ | v=spf1 ip4:169.148.146.23/32 include:zoho.com ~all |
Step 4. Finish your Cloudflare SPF Setup
Click “Save” to finish your Cloudflare SPF setup and this is how to add an SPF record in Cloudflare.
Important Recommendations
Having multiple SPF Records for a single root domain is a bad practice and results in authentication failure. If you use multiple sources within your organization, you must have them whitelisted in a single SPF Record.
How Can EasyDMARC Help?
Ensuring your email server is secure and only sending legitimate emails is essential for your business, customers, and reputation.
Now that you’ve added an SPF record to your Cloudflare account, you can advance your email security further by setting up DKIM and DMARC, taking tried and true steps toward DMARC compliance.
Want to learn more? Explore EasyDMARC tools by signing up in our platform.
We’re glad you joined EasyDMARC newsletter! Get ready for valuable email security knowledge every week.
You’re already subscribed to EasyDMARC newsletter. Continue learning more about email security with us