All Collections
Email Authentication Fundamentals
SPF: Who Sent It?
Trailing SPF Includes in Valimail Delegated Domains
Trailing SPF Includes in Valimail Delegated Domains
Updated over a week ago

The Valimail SPF directives should be sufficient to allow SPF validation of any service. So for the purposes of email authentication, no additional directives should be needed in an SPF record.

That said, some vendors use a partial text match on the SPF record to validate that their customer has configured SPF correctly and either won’t send email, or won’t send email using the customer’s domain unless the specific SPF directive they specify is present in the record.

Valimail supports this verification for a limited number of vendors. Customers can add the directives for these vendors to their SPF record, so long as the vendor-specified directive is added AFTER the macro directive. This ensures both that Valimail handles authenticating the service and that the SPF evaluation doesn’t exceed the 10 domain lookup limit before Valimail takes ownership of email authentication.

Our SPF record validation tools recognize these supported vendor-specified directives and, assuming the rest of the record is correct, should show the record as both valid and properly delegated in Valimail UIs. Any number of vendor-specified directives can be added to an SPF record and it will still be valid.

Currently supported vendors are:



FireEye Email Threat Prevention



Microsoft 365

Status Page

Symantec Email Security Cloud


Blackboard Notify

Did this answer your question?