Marketing : SPF Records

Matthew Nestor

In this document, we will discuss SPF records for the purposes of sending emails through ClickFunnels using your custom domains. An SPF record helps prevent spam and spoofing and improves email deliverability. ClickFunnels does not require an SPF record on your domain, and an existing SPF record will not interfere. Therefore, this document provides general information on how SPF works.


Prior to getting started, you will need to have the following:

  • A custom domain.

What is SPF?

SPF (Sender Policy Framework) is used to detect forged sender addresses during the delivery of an email. SPF alone is limited to detecting a forged sender in the envelope (Return-Path header) of the email. With SPF setup properly, an email server cannot use your domain in the envelope (Return-Path header) unless you have authorized it.

 

What is an SPF record?

An SPF record is a TXT-type DNS record on a domain that dictates which email servers (IP addresses) are authorized to send an email using the domain name in the envelope (Return-Path header) of an email.

A domain can only have one SPF record, but an SPF record can authorize multiple email servers.

 

Which email headers are checked?

Here are the common names the email header used by SPF is referred to:

  • Return-Path
  • MAIL-FROM
  • Bounce address
  • Envelope from

 

How does it work?

  1. The receiving server will find the domain used in the Return-Path header and check for an existing SPF record on that domain.
  2. It compares the sending email server’s IP address with those contained in the SPF record.
    1. If the IP address is in the SPF record, the email server that sent the email is authorized to use that domain (in the Return-Path header). This means that SPF PASSED.
    2. If the IP address of the sending email server is not in the SPF record (of the domain in the Return-Path header), then SPF FAILS.

 

So, what do I need to do?

Nothing. ClickFunnels will send emails with a Return-Path header with an SPF record set up.

No additional configuration or SPF record is required on your custom domains. An existing SPF record on your domain will not interfere with ClickFunnels' ability to send emails through your domain. Likewise, the SPF record used by ClickFunnels will not interfere with your existing SPF record.

It is important to note that most email clients will, by default, not display the Return-Path header to the recipient. Also, be aware that the SPF check can PASS even if the “From Address” displayed in the recipient’s email client is not the same domain as the one in the Return-Path header and SPF record. In other words, on its own, SPF does not check the “From” header or prevent the “From Address” from being spoofed.

To effectively prevent spam and spoof emails from your domain, you must include a DMARC record. Please see our documentation on DMARC records for more information.


If you have any questions about this, please contact our Support Team by clicking the Support Icon in the bottom right-hand corner of this page.