Qualifier for Default Mechanism
To get the most value from a SPF record, it should use the strictest matching.
When creating an SPF record, the last mechanism tells the email receiver what to do if none of the previous mechanisms pass successfully. SPF mechanisms are evaluated from left to right, so hopefully one of the mechanisms passes before reaching the end of the string. If it doesn't it probably isn't a valid email, so you probably want to instruct the email receiver to discard that forged email. You would do this with the -all
mechanism.
During testing, you may not feel confident that all of your emails are covered by your SPF mechanisms, so you may want to instruct the email receiver to be a little less strict. You can do this with the "softfail" qualifier ~all
. There are two other qualifiers, ?all
which means neutral and +all
which means to pass all unrecognized email. These last two qualifiers are dangerous and should not be used except for testing.
Ready to validate your website for this test and 100+ others?