How should I combine SPF records and what domain should I use with SendinBlue?

Summary

When configuring SPF records for SendinBlue, it's crucial to prioritize email deliverability by adhering to established best practices. Using a subdomain for SendinBlue is highly recommended to isolate your primary domain's reputation and protect it from potential deliverability issues. Avoid multiple SPF records; consolidate all authorized sending sources, including SendinBlue and Google Workspace, into a single SPF record using 'include:' mechanisms. Be mindful of SPF record limitations: stay within the 255-character limit and adhere to the 10 DNS lookup limit. Proper syntax is essential to prevent evaluation errors. Understand that SPF authenticates the envelope from/return path/bounce domain, not the domain visible in the email client. The MX mechanism can often be dropped as unnecessary. If near the DNS lookup limit, consider SPF flattening. Ensure a valid SPF record exists to prevent emails from being flagged as spam or rejected.

Key findings

  • Subdomain Recommended: Using a subdomain for SendinBlue separates your sending reputation and protects your primary domain.
  • Single SPF Record Required: Multiple SPF records are invalid; consolidate all sending sources into one record.
  • SPF Limits: SPF records must be under 255 characters and adhere to the 10 DNS lookup limit.
  • SPF Authenticates Return Path: SPF authenticates the envelope from/return path/bounce domain, not the display domain.
  • Proper SPF setup: SPF records are essential for preventing spoofing, and improving deliverability.

Key considerations

  • Syntax Matters: Ensure correct SPF syntax to prevent evaluation errors.
  • Impact of Missing SPF: Missing or misconfigured SPF records can lead to emails being flagged as spam or rejected.
  • Consider SPF Flattening: Use SPF flattening to reduce DNS lookups if approaching the limit.
  • MX Mechanism Optional: The MX mechanism can often be dropped from the SPF record.
  • Order of Statements: Place more 'expensive' lookups (like 'mx' or 'a') near the end of the SPF record.

What email marketers say
11Marketer opinions

When configuring SPF records for SendinBlue, it's crucial to avoid common pitfalls and adhere to best practices to ensure optimal email deliverability. A key recommendation is to use a subdomain instead of your primary domain for sending emails via SendinBlue. This isolates your primary domain's reputation and protects it from potential deliverability issues arising from marketing campaigns. Multiple SPF records for a single domain are invalid; instead, consolidate all authorized sending sources, including SendinBlue, into a single SPF record using 'include:' mechanisms. Ensure your SPF record remains under the 255-character limit and adheres to the 10 DNS lookup limit to prevent authentication failures. Prioritize accurate syntax and proper SPF record formatting to avoid common setup errors.

Key opinions

  • Subdomain Usage: Using a subdomain for SendinBlue is recommended to separate sending reputation from the primary domain.
  • Single SPF Record: Only one SPF record should exist per domain; combine all authorized senders into one record.
  • SPF Record Limits: SPF records must be under 255 characters and adhere to the 10 DNS lookup limit.
  • Record Importance: SPF records are important for preventing spoofing, and improving deliverability.

Key considerations

  • SPF Syntax: Ensure the SPF record uses correct syntax to avoid evaluation errors.
  • Deliverability Impact: Missing or misconfigured SPF records can lead to emails being flagged as spam or rejected.
  • SPF Flattening: Consider SPF flattening techniques to reduce DNS lookups if you're approaching the limit.
  • Order of statements: Consider putting more 'expensive' lookups near the end of the SPF record.
Marketer view

Email marketer from Email Geeks shares that, 'It's possible to set up your organizational domain, as the “domain” in SendinBlue but it’s highly recommended against as you want the sender reputation of your organizational domain to have some separation from the subdomain for marketing.'

March 2024 - Email Geeks
Marketer view

Email marketer from Reddit shares that it's recommended to use a subdomain for sending emails with SendinBlue. This helps to separate your sending reputation from your main domain and protects it from potential damage if your email campaigns have issues.

September 2024 - Reddit
Marketer view

Email marketer from Super User explains that If there is no SPF record or no 'pass' result, many email systems will flag the message as potentially spam or even reject it outright. This can drastically reduce your email deliverability.

November 2021 - Super User
Marketer view

Email marketer from SparkPost shares that you should place more 'expensive' lookups (like 'mx' or 'a') near the end of the SPF record, as the system might terminate the evaluation early if the 10-lookup limit is reached.

August 2024 - SparkPost
Marketer view

Email marketer from Email Geeks shares it’s recommended against setting up your organizational domain, <http://lapoppyjewelry.com|lapoppyjewelry.com>, as the “domain” in SendinBlue. It's better to use a subdomain to separate sender reputation. He also recommends deleting the SPF for SendinBlue and leaving the one for Google if the root domain is entered as the domain in SendinBlue.

July 2023 - Email Geeks
Marketer view

Email marketer from GMass shares that common mistakes during SPF setup are having multiple SPF records and not using the correct syntax. Also notes that using too many lookups can lead to failures.

January 2023 - GMass
Marketer view

Email marketer from Email Geeks explains that combining SPF records with `v=spf1 a mx include:<http://spf.mtasv.net|spf.mtasv.net> include:<http://spf.sendinblue.com|spf.sendinblue.com> ~all` is sufficient and that having two SPF records will result in evaluation errors.

November 2022 - Email Geeks
Marketer view

Email marketer from DeskRabbit shares that an SPF record must contain no more than 255 characters. This can present a problem, especially if you send emails from several different locations.

November 2023 - DeskRabbit
Marketer view

Email marketer from EasyDMARC shares that SPF flattening is a technique to reduce the number of DNS lookups in your SPF record. This helps to avoid exceeding the 10-lookup limit and ensures proper SPF authentication.

October 2024 - EasyDMARC
Marketer view

Email marketer from Mailjet shares that SPF records are essential for preventing email spoofing and improving deliverability. They emphasize the importance of creating a valid SPF record that accurately reflects all sending sources for your domain.

February 2025 - Mailjet
Marketer view

Email marketer from ServerFault explains that you should not have multiple SPF records for the same domain. Instead, you should combine all the necessary includes into a single SPF record. They provide an example of how to combine multiple includes.

June 2021 - ServerFault (StackExchange)

What the experts say
3Expert opinions

When configuring SPF records, particularly in conjunction with SendinBlue or other ESPs, it's critical to use a subdomain rather than your bare domain to isolate reputation and prevent deliverability issues. You must ensure all sending sources are included in a single SPF record using 'include:' mechanisms instead of creating multiple SPF records. Additionally, remember that SPF authenticates the envelope from/return path/bounce domain, not the domain visible in the mail client, and the MX mechanism can often be dropped as unnecessary.

Key opinions

  • Subdomain for ESPs: Use a subdomain for SPF records when using ESPs to isolate reputation.
  • Single SPF Record: Consolidate all sending sources into a single SPF record using 'include:' mechanisms.
  • Authentication Domain: SPF authenticates the envelope from/return path/bounce domain, not the visible domain.

Key considerations

  • MX Mechanism: The MX mechanism might be unnecessary and can be dropped from the SPF record.
  • Reputation Isolation: Using a subdomain helps protect your primary domain's reputation from potential deliverability issues caused by ESPs.
  • Multiple SPF Records: Having multiple SPF records is invalid and will cause issues with email authentication.
Expert view

Expert from Spam Resource answers that if you use multiple email service providers, such as Sendinblue, you must ensure all are included within a single SPF record for your domain. This involves using 'include:' mechanisms for each provider, rather than creating separate SPF records, which is invalid.

July 2022 - Spam Resource
Expert view

Expert from Email Geeks explains that you can drop the MX mechanism and that one MX is sufficient but unnecessary. Also clarifies SPF authenticates the envelope from/return path/bounce domain, not the domain seen in the mail client.

October 2021 - Email Geeks
Expert view

Expert from Word to the Wise explains that when using ESPs, you should be putting SPF records in for a subdomain, not the bare domain, to isolate reputation.

May 2021 - Word to the Wise

What the documentation says
4Technical articles

To ensure optimal email deliverability, you must authenticate your domain with SPF and DKIM records as instructed by SendinBlue. Your SPF record should include all authorized sending sources, including third-party email marketing platforms. Be mindful of the 10 DNS lookup limit for SPF records; exceeding this limit can cause authentication failures, and flattening your SPF record might be necessary. You can add or update your SPF record through your domain settings, following specific syntax guidelines to incorporate services like Google Workspace.

Key findings

  • Domain Authentication: Authenticating your domain with SPF and DKIM is crucial for email deliverability.
  • Include All Sources: SPF records must include all authorized sending sources, including third-party services.
  • Lookup Limit: SPF records are limited to 10 DNS lookups; exceeding this limit causes authentication failures.

Key considerations

  • SendinBlue Instructions: Follow SendinBlue's specific instructions for generating and adding SPF and DKIM records.
  • SPF Record Syntax: Adhere to proper syntax when adding or updating your SPF record to include Google Workspace or other services.
  • SPF Flattening: Consider SPF flattening if your record approaches or exceeds the 10 DNS lookup limit.
Technical article

Documentation from RFC specification answers that an SPF record should include all authorized sources which are able to send mail on behalf of the domain, including any third-party services such as email marketing platforms.

January 2023 - RFC
Technical article

Documentation from SendinBlue explains that you need to authenticate your domain to improve deliverability. This involves adding SPF and DKIM records to your domain's DNS settings. They provide specific instructions for generating and adding these records within the SendinBlue platform.

April 2021 - SendinBlue
Technical article

Documentation from Google Workspace Admin Help answers that you can add or update your domain's SPF record in your domain settings. It details the steps and syntax for creating an SPF record that includes Google Workspace.

December 2022 - Google
Technical article

Documentation from dmarcian explains that SPF records have a lookup limit of 10 DNS lookups. Exceeding this limit can cause SPF authentication to fail. They recommend using includes wisely and flattening your SPF record if necessary.

October 2022 - dmarcian