How to Create an SPF Record for Multiple Email Providers

The Challenge of Multiple Email Providers: Modern Email Complexity

Gone are the days when a business used a single email server. Today, even small companies often use:

• Google Workspace or Microsoft 365 for employee email
• Mailchimp or Klaviyo for marketing newsletters
• SendGrid or Amazon SES for transactional emails (receipts, password resets)
• Zendesk or Intercom for customer support
• A custom web application that sends notifications
• Their own web server for contact form emails

Each of these services sends email from your domain. Each must be authorized in your SPF record. But you can only have ONE SPF record per domain, and it's limited to 10 DNS lookups.

Common Provider Include Values: Your SPF Building Blocks

Most email providers publish their own SPF records that you can include. Here are include values for popular services (accurate as of 2026).

Email and Collaboration Suites

• Google Workspace (Gmail): include:_spf.google.com
• Microsoft 365 (Office 365): include:spf.protection.outlook.com
• Zoho Mail: include:zoho.com or include:zohooutlook.com
• Apple iCloud Mail: include:icloud.com
• Yahoo Mail (Small Business): include:spf.mail.yahoo.com

Marketing and Newsletter Platforms

• Mailchimp: include:servers.mcsv.net
• Klaviyo: include:spf.mandrillapp.com
• Constant Contact: include:spf.constantcontact.com
• HubSpot: include:spf.hubspotemail.net
• ActiveCampaign: include:_spf.activehosted.com
• ConvertKit: include:spf.kit.com
• Brevo (Sendinblue): include:sendinblue.com

Transactional Email Services

• SendGrid: include:sendgrid.net
• Amazon SES: Varies by region. For US East (N. Virginia): include:amazonses.com
• Mailgun: include:mailgun.org
• Postmark: include:spf.postmarkapp.com
• SparkPost: include:spf.sparkpostmail.com
• Mailjet: include:spf.mailjet.com

Customer Support Platforms

• Zendesk: include:mail.zendesk.com
• Intercom: include:intercom.io
• Freshdesk: include:freshdesk.com
• Help Scout: include:helpscoutemail.com

E-commerce and Other Platforms

• Shopify: include:shops.shopify.com
• WooCommerce (with Jetpack): include:spf.jetpack.com
• Squarespace: include:squarespace-mail.com
• Wix: include:spf.wix.com
• Stripe (email receipts): include:spf.stripe.com
• PayPal: include:pppf.net

Building Your Combined SPF Record: A Step-by-Step Process

Follow this process to create an SPF record that includes all your providers.

Step 1: List All Email Sending Sources

Create a comprehensive list of every service, platform, and server that sends email using your domain. Include primary email, marketing, transactional, support, and any custom applications.

Step 2: Find Each Provider's Include Value

Using the list above or provider documentation, find the correct include value for each service.

Step 3: Add Your Own IP Addresses

If you have your own servers (web servers, application servers) that send email, add their public IP addresses using ip4: or ip6: mechanisms.

Step 4: Construct the Record

Combine all mechanisms in a single line, separated by spaces, starting with v=spf1 and ending with ~all or -all.

v=spf1 include:_spf.google.com include:sendgrid.net include:servers.mcsv.net ip4:203.0.113.0/24 ~all

Step 5: Test Your Record

Use our SPF Checker to validate syntax and count DNS lookups.

Managing the 10-Lookup Limit with Multiple Providers

When you include many providers, you risk exceeding the 10-DNS-lookup limit. Here's how to stay within limits.

Typical Lookup Costs by Provider

• Google Workspace: 2 lookups
• Microsoft 365: 2-3 lookups
• SendGrid: 2 lookups
• Mailchimp: 2-3 lookups
• Amazon SES: 1-2 lookups
• Zendesk: 1-2 lookups
• Custom ip4: 0 lookups

Strategy 1: Remove Unused Providers (Easiest)

Review your list. Are all providers still active? Remove any you no longer use.

Strategy 2: Replace Includes with IP Ranges

For providers with known, stable IP ranges, replace the include with explicit ip4: mechanisms. Example: If SendGrid's sending IPs are documented, use ip4:168.245.0.0/17 instead of include:sendgrid.net.

Strategy 3: Use Subdomain Segmentation

Instead of one SPF record for your root domain, use separate subdomains:

• marketing.yourdomain.com → Mailchimp + Klaviyo
• transactional.yourdomain.com → SendGrid + Amazon SES
• internal.yourdomain.com → Google Workspace

Strategy 4: SPF Flattening

Use a flattening service to convert all includes into a static list of IP ranges, then publish the flattened record.

Verification and Testing Your Multi-Provider SPF Record

After publishing your SPF record, verify it works for all providers.

Step 1: Use Our SPF Checker for Syntax and Lookups

Our tool validates syntax and shows total lookup count.

Step 2: Test Each Provider Individually

Send a test email from each provider to a testing service (e.g., check-auth@verifier.port25.com). The response shows SPF pass/fail for that specific email.

Step 3: Check DMARC Reports (If Configured)

DMARC aggregate reports show SPF results by source IP. Verify each provider appears with SPF=pass.

Step 4: Monitor Over Time

Providers occasionally change their sending IPs or SPF include structures. Set quarterly reminders to re-test your SPF record.

Real-World Configuration Examples

Example 1: Small Business (Google Workspace + Mailchimp + Web Server)

v=spf1 include:_spf.google.com include:servers.mcsv.net ip4:203.0.113.0/24 ~all

Example 2: E-commerce (Shopify + SendGrid + Google Workspace)

v=spf1 include:_spf.google.com include:shops.shopify.com include:sendgrid.net ~all

Example 3: Enterprise (Multiple Providers with Flattening)

# Flattened record (actual IP ranges)
v=spf1 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:168.245.0.0/17 ip4:198.2.128.0/18 ip4:205.201.128.0/20 ~all