SPF (Sender Policy Framework)

SPF (Sender Policy Framework) is a DNS-based email authentication method that lists which servers are authorized to send mail for your domain.

SPF is a DNS rule that lists which mail servers are allowed to send email for your domain, helping providers filter out spoofed messages.

Definition and examples

SPF (Sender Policy Framework) is an email authentication method that allows domain owners to specify which mail servers and IP addresses are authorized to send email on behalf of their domain. Implemented through DNS TXT records, SPF helps receiving mail servers verify the legitimacy of incoming messages by checking whether they originate from approved sources, providing a crucial first line of defense against email spoofing and improving overall email deliverability.

SPF works by publishing a list of authorized sending sources in a domain's DNS records. When an email is received, the receiving server performs an SPF lookup on the sender's domain and compares the sending server's IP address against the published policy. This verification process helps identify potentially fraudulent emails and protects both the domain owner's reputation and recipients from spam and phishing attacks.

Why it matters

SPF matters because it maintains sender credibility with ISPs and email providers, and because it helps prevent fraudulent email that claims to come from your domain.

How SPF works

  • The email is sent from a server with a specific IP address.

  • The receiving server identifies the domain in the Return-Path (envelope sender).

  • The receiving server begins the authentication check.

  • The receiving server queries the sender domain's DNS for its SPF record.

Common mistakes

  • Multiple SPF records at the same domain: receivers may ignore SPF entirely. Combine them into a single v=spf1... record.

  • Exceeding the 10-DNS-lookup limit: remove unused include: entries and avoid unnecessary a/mx mechanisms.

  • Staying on ~all forever: switch to -all after validating legitimate senders so that spoofed mail is rejected rather than merely soft-failed.

  • Misunderstanding alignment: SPF can pass but the message can still fail DMARC if the Return-Path domain does not align with the visible From domain. Configure alignment in DMARC.

  • Putting the record on the wrong host: SPF is a TXT record at the sending domain (for example, example.com), not on _spf.example.com unless that name is referenced via include:.

Key takeaways

  • SPF is a fundamental email authentication method that authorizes specific servers and IP addresses to send email for your domain

  • Proper SPF implementation requires careful DNS configuration, staying within the 10-lookup limit, and regular monitoring of authentication results

  • SPF works best as part of a complete authentication stack with DKIM and DMARC for maximum deliverability benefit