SPF records for cold email senders

SPF (Sender Policy Framework) is a DNS TXT record that tells receiving mail servers which IPs are allowed to send on behalf of your domain. Without SPF, mail from your domain is treated as suspect immediately by every major mailbox provider.

The record Inboxlee sets

v=spf1 include:_spf.google.com ~all

Three parts: the version (v=spf1), an include directive that pulls in the up-to-date list of Google Workspace sending IPs, and a soft-fail qualifier (~all) that tells receivers to mark unauthorized senders as suspicious without dropping them entirely.

The one-record rule

Your domain may have exactly one SPF record. RFC 7208 is unambiguous on this - two records means SPF fails entirely with a PermError, which most receivers treat as a strong negative signal. This is the single most common cold-email deliverability bug.

If you already have an SPF record for marketing tools, Inboxlee detects it during MagicLee Step 6 and merges the includes into one record before provisioning. We never append a second record.

How to verify

Inboxlee polls SPF automatically and surfaces the status on every domain page. For manual verification, use dig:

dig +short TXT yourdomain.com

You should see exactly one v=spf1 line. If you see two, contact support - we will help merge them safely.

The 10-lookup limit

SPF specifies a maximum of 10 DNS lookups during evaluation. include: directives count, as do redirect: and a: directives. If you exceed 10 lookups, the entire record fails. Inboxlee's default record uses one lookup (Google's include) so you have plenty of headroom for additional senders.

When in doubt, check the record at mxtoolbox.com/spf.aspx - it counts lookups and flags every common misconfiguration.