SPF aims to prevent email address forgery. A domain name owner publishes an SPF record in DNS that declares which server(s) are permitted to send email on behalf of that domain. There are several ways to end an SPF record, which determines what happens if email is received from a server that is not listed:
|The email is a forgery.
|The email is likely a forgery, but the domain is in transition.
|Nothing can be said about whether the email is a forgery.
|The email is never a forgery. This option should not be used.
This site maintains a database of domains which publish SPF records that end in
Such domains are using SPF the way it is intended, and are safe from email forgery.
Please note that this is not an authoritative or central list of SPF-enabled domains.
There is no such central list because SPF is a decentralised technology.
This database was initially preloaded with domains from a number of sources (dmoz, Wikipedia, and others).
If you know of a domain that publishes SPF
-all but is not listed, please add it!
Submit or check a domain
You may submit a new domain name to the database.
It will be checked to ensure that the SPF record ends in
-all, and recorded in the database.