tim@apple.com
—you aren’t permitted to send from that email and domain.
Good news: SPF takes just a couple minutes to set up.
All of the next steps happen from your DNS settings. You’ll find these wherever you purchased your domain (for example, if you bought your domain from GoDaddy, go to their website to find the DNS settings for your domain).
1. Identify your mail servers.
List all the servers and services that send emails on behalf of your domain. This includes your own mail servers, third-party email services (like Google Workspace, Office 365), and any other services (like marketing or support ticket platforms).
2. Create your SPF record.
Add a TXT record in your DNS.
@
or leave it blank (depending on the DNS provider).v=spf1
indicates the version of SPF used.ip4:192.168.0.1
specifies an IP address that’s authorized to send emails. Replace it with your server’s IP address. For multiple servers, add them with a space delimiter.include:spf.provider.com
-all
indicates a hard fail for servers not listed on the record. You can use ~all
for a soft fail as a safer option during initial setup.selector._domainkey
where selector
is a unique name for this particular DKIM record._dmarc
. Your domain will be automatically appended in most cases.v=DMARC1
specifies the DMARC versionp=none
sets the policy. Other options are quarantine
or reject
. Start with none
for monitoring purposes and move to a stricter policy as you gain confidence in your SPF and DKIM records.rua
is where aggregate reports are sent. Replace youremail@yourdomain.com
with either your actual email or a Postmark DMARC monitoring email. We recommend the latter because DMARC reports are quite technical, and Postmark does a great job translating things.