{"id":1177,"date":"2026-06-20T10:36:40","date_gmt":"2026-06-20T10:36:40","guid":{"rendered":"https:\/\/inboxwarm.ai\/blog\/?p=1177"},"modified":"2026-06-23T07:53:02","modified_gmt":"2026-06-23T07:53:02","slug":"google-workspace-spf-record-setup","status":"publish","type":"post","link":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/","title":{"rendered":"How To Set Up An SPF Record In Google Workspace: Complete Setup Guide"},"content":{"rendered":"<div style=\"background-color: #f4f8fb; border: 1px solid #bad7f2; border-left: 6px solid #1a73e8; padding: 25px; margin: 30px 0; border-radius: 8px; font-family: Arial, sans-serif; line-height: 1.6; color: #333333;\">\n<p style=\"margin: 0 0 15px 0;\"><strong style=\"display: block; font-size: 18px; margin-bottom: 15px; color: #1a73e8; text-transform: uppercase;\">TL;DR<\/strong><\/p>\n<p style=\"margin: 0 0 20px 0;\">To set up an SPF record in Google Workspace, add a single DNS TXT record at your domain host with the value <code>v=spf1 include:_spf.google.com ~all<\/code>. This authorizes Google&#8217;s mail servers to send email for your domain. Save the record, wait up to 48 hours for DNS propagation, then verify it with a lookup tool.<\/p>\n<ul style=\"margin: 0; padding-left: 20px; color: #333333;\">\n<li style=\"margin-bottom: 12px;\"><strong>Google&#8217;s official SPF value<\/strong> for Workspace-only sending is <code>v=spf1 include:_spf.google.com ~all<\/code>.<\/li>\n<li style=\"margin-bottom: 12px;\"><strong>One SPF record per domain.<\/strong> Multiple SPF records cause a PermError and break authentication.<\/li>\n<li style=\"margin-bottom: 12px;\"><strong>Stay under 10 DNS lookups.<\/strong> Google&#8217;s include alone uses 3 to 4 of them.<\/li>\n<li style=\"margin-bottom: 0;\"><strong>SPF is added in DNS, not the Admin console,<\/strong> and works best paired with DKIM and DMARC.<\/li>\n<\/ul>\n<\/div>\n<p>A single line of missing DNS text is enough to send your Google Workspace email straight to spam. The message can be perfect, the offer relevant, and the timing right, and it still gets filtered because receiving servers never confirmed you were allowed to send it.<\/p>\n<p>That confirmation is what an SPF record provides, and most domains that struggle with deliverability are missing it or have it set up wrong.<\/p>\n<p>SPF is the first of the three authentication checks every modern inbox runs, and getting it wrong is one of the most common reasons legitimate Google Workspace mail underperforms. Since February 2024, Google has required every sender to set up SPF or DKIM and bulk senders to run all three protocols, with enforcement tightening into permanent rejections in late 2025.<\/p>\n<p>Skipping it is no longer a small oversight; it is a deliverability tax you pay on every campaign.<\/p>\n<p>The good news is that SPF for Google Workspace is one line of text. This guide walks you through what the record is, the exact value Google publishes, and how to add and verify it at any DNS host. To skip ahead and build one now, the <a href=\"https:\/\/inboxwarm.ai\/tools\/spf-generator\" target=\"_blank\" rel=\"noopener\">SPF generator<\/a> creates a valid record in seconds.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#why-is-spf-important-for-google-workspace\" >Why Is SPF Important for Google Workspace?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#google-workspace-spf-record-the-official-spf-value\" >Google Workspace SPF Record: The Official SPF Value<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#what-do-you-need-before-setting-up-an-spf-record\" >What Do You Need Before Setting Up an SPF Record?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#how-to-set-up-an-spf-record-in-google-workspace\" >How To Set Up An SPF Record In Google Workspace<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#how-to-verify-your-google-workspace-spf-record\" >How To Verify Your Google Workspace SPF Record<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#common-spf-setup-mistakes-you-should-avoid\" >Common SPF Setup Mistakes You Should Avoid<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#troubleshooting-spf-issues-in-google-workspace\" >Troubleshooting SPF Issues In Google Workspace<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#do-you-need-dkim-and-dmarc-with-spf-for-google-workspace\" >Do You Need DKIM and DMARC With SPF for Google Workspace?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#what-are-the-best-practices-for-spf-in-google-workspace\" >What Are the Best Practices for SPF in Google Workspace?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#frequently-asked-questions\" >Frequently Asked Questions<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#final-thoughts\" >Final Thoughts<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#a-clean-spf-record-authenticates-you-but-a-cold-domain-still-has-no-reputation\" >A clean SPF record authenticates you, but a cold domain still has no reputation.<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"why-is-spf-important-for-google-workspace\"><\/span>Why Is SPF Important for Google Workspace?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>SPF matters for Google Workspace because it is how receiving servers confirm that mail claiming to come from your domain actually originated from Google&#8217;s infrastructure. Sender Policy Framework (SPF) is a DNS TXT record that lists the servers authorized to send email for your domain. When a message arrives, the receiving server reads that list and decides whether to trust the source. No record, or a broken one, and your legitimate mail looks no different from a spoof.<\/p>\n<p>The following are the reasons why setting an SPF record is essential in your google workspace:<\/p>\n<p><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Why-Is-SPF-Important-for-Google-Workspace-1024x576.webp\" alt=\"Infographic showing four benefits of a Google Workspace SPF record: prevent spoofing, deliverability, reputation, and compliance\" width=\"1024\" height=\"576\" class=\"aligncenter size-large wp-image-1186\" srcset=\"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Why-Is-SPF-Important-for-Google-Workspace-1024x576.webp 1024w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Why-Is-SPF-Important-for-Google-Workspace-300x169.webp 300w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Why-Is-SPF-Important-for-Google-Workspace-768x432.webp 768w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Why-Is-SPF-Important-for-Google-Workspace-1536x864.webp 1536w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Why-Is-SPF-Important-for-Google-Workspace-450x253.webp 450w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Why-Is-SPF-Important-for-Google-Workspace-780x439.webp 780w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Why-Is-SPF-Important-for-Google-Workspace-1600x900.webp 1600w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Why-Is-SPF-Important-for-Google-Workspace.webp 1672w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<h3>Prevent Email Spoofing<\/h3>\n<p>Spoofing is when an attacker forges your domain in the From address to send phishing or scam emails that appear to come from you. SPF makes this harder. By publishing the exact list of servers allowed to send on your behalf, you give receiving servers a way to reject mail from any source you have not approved.<\/p>\n<p>SPF does not stop every attack on its own, but it removes the easiest path an impersonator has to abuse your domain.<\/p>\n<h3>Improve Email Deliverability<\/h3>\n<p>Authenticated mail lands in the inbox more often than unauthenticated mail. When your SPF record passes, you signal to Gmail and other providers that you are a known, accountable sender, which feeds directly into how they score and route your messages.<\/p>\n<p>Domains that fail SPF see more soft-failed and quarantined mail, especially on cold or new domains that have no sending history to fall back on.<\/p>\n<h3>Protect Your Domain Reputation<\/h3>\n<p>Your domain reputation is the trust score inboxes assign to your sending domain over time, and authentication failures drag it down. Every spoofed message that slips through using your domain, and every legitimate message that fails a check, teaches filters to trust you less. A clean SPF record protects that reputation by keeping unauthorized senders off your domain and keeping your real mail authenticated.<\/p>\n<p>If you are starting from a cold domain, pairing authentication with a structured <a href=\"https:\/\/inboxwarm.ai\/email-warmup\/gmail\" target=\"_blank\" rel=\"noopener\">Gmail warm-up<\/a> builds that trust faster.<\/p>\n<h3>Meet Google&#8217;s Email Authentication Requirements<\/h3>\n<p>Authentication is no longer optional. Per Google&#8217;s <a href=\"https:\/\/support.google.com\/a\/answer\/81126\" target=\"_blank\" rel=\"noopener\">email sender guidelines<\/a>, every sender to Gmail accounts must set up SPF or DKIM, and senders of more than 5,000 messages per day to personal Gmail accounts must set up SPF, DKIM, and DMARC together.<\/p>\n<p>Google began enforcing these rules on February 1, 2024, and in November 2025 escalated enforcement so that non-compliant mail faces temporary and permanent rejections. SPF is the foundation that the requirement is built on.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"google-workspace-spf-record-the-official-spf-value\"><\/span>Google Workspace SPF Record: The Official SPF Value<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Google publishes one recommended SPF value for domains that send only through Google Workspace. According to Google&#8217;s official <a href=\"https:\/\/support.google.com\/a\/answer\/33786\" target=\"_blank\" rel=\"noopener\">Set up SPF documentation<\/a>, that value is shown below. It is the exact string to publish as a TXT record, with no quotes, brackets, or extra spacing added.<\/p>\n<h3>Recommended SPF Record For Google Workspace<\/h3>\n<p>If Google Workspace is the only service sending email from your domain, use this record:<\/p>\n<div style=\"background-color: #f4f4f4; border: 1px solid #cfcfcf; border-left: 6px solid #9f9f9f; padding: 25px; margin: 30px 0; border-radius: 8px;\">\n<p style=\"margin: 0 0 15px 0;\">v=spf1 include:_spf.google.com ~all<\/p>\n<\/div>\n<p>That single include:_spf.google.com statement authorizes all of Google&#8217;s mail servers at once. Google maintains its sending IPs behind that one include and updates them automatically, which is why you should never hardcode Google&#8217;s IP addresses or try to flatten this record yourself.<\/p>\n<p>If you send through additional tools such as Mailchimp, SendGrid, or a CRM, you do not create a second record. You merge every sender into the same line, for example:<\/p>\n<div style=\"background-color: #f4f4f4; border: 1px solid #cfcfcf; border-left: 6px solid #9f9f9f; padding: 25px; margin: 30px 0; border-radius: 8px;\">\n<p style=\"margin: 0 0 15px 0;\">v=spf1 include:_spf.google.com include:sendgrid.net include:servers.mcsv.net ~all<\/p>\n<\/div>\n<h3>Understanding The SPF Syntax<\/h3>\n<p>Each part of an SPF record does a specific job. Reading the value left to right, here is what every mechanism means:<\/p>\n\n<table id=\"tablepress-115\" class=\"tablepress tablepress-id-115\">\n<thead>\n<tr class=\"row-1\">\n\t<th class=\"column-1\"><span style=\"color:#ffffff;font-weight:bold;\">SPF Element<\/span><\/th><th class=\"column-2\"><span style=\"color:#ffffff;font-weight:bold;\">What It Means<\/span><\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr class=\"row-2\">\n\t<td class=\"column-1\">v=spf1<\/td><td class=\"column-2\">The version tag. Every SPF record must start with this. It tells receivers the record uses SPF version 1.<\/td>\n<\/tr>\n<tr class=\"row-3\">\n\t<td class=\"column-1\">include:_spf.google.com<\/td><td class=\"column-2\">Authorizes Google Workspace mail servers to send for your domain. The include pulls in Google's own SPF record, which lists its sending IP ranges.<\/td>\n<\/tr>\n<tr class=\"row-4\">\n\t<td class=\"column-1\">~all<\/td><td class=\"column-2\">The softfail qualifier. Mail from any server not listed is accepted but marked suspicious (usually routed to spam) rather than rejected outright.<\/td>\n<\/tr>\n<tr class=\"row-5\">\n\t<td class=\"column-1\">-all<\/td><td class=\"column-2\">The hardfail qualifier. Mail from unlisted servers is rejected. Stronger, but risky if you forget to include a legitimate sender.<\/td>\n<\/tr>\n<tr class=\"row-6\">\n\t<td class=\"column-1\">+all<\/td><td class=\"column-2\">Never use this. It tells receivers to accept mail from any server, which defeats the entire purpose of SPF.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<!-- #tablepress-115 from cache -->\n<p>Google&#8217;s recommended record uses ~all (softfail), not -all (hardfail). Softfail is the safer starting point: it gives you authentication without risking the loss of mail from a sending service you forgot to list. Once DMARC reporting confirms every legitimate sender is included, you can graduate to all for stricter protection.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"what-do-you-need-before-setting-up-an-spf-record\"><\/span>What Do You Need Before Setting Up an SPF Record?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Three quick checks save you from the most common setup failures. SPF lives in your DNS, not in the Google Admin console, so before you touch anything you need access to your DNS host, a clear view of any record that already exists, and a backup of your current settings.<\/p>\n<p>Spend five minutes here, and the actual setup takes one.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/What-Do-You-Need-Before-Setting-Up-an-SPF-Record-1024x576.webp\" alt=\"Three checks before setting up an SPF record: DNS access, existing record check, and DNS backup\" width=\"1024\" height=\"576\" class=\"aligncenter size-large wp-image-1185\" srcset=\"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/What-Do-You-Need-Before-Setting-Up-an-SPF-Record-1024x576.webp 1024w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/What-Do-You-Need-Before-Setting-Up-an-SPF-Record-300x169.webp 300w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/What-Do-You-Need-Before-Setting-Up-an-SPF-Record-768x432.webp 768w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/What-Do-You-Need-Before-Setting-Up-an-SPF-Record-1536x864.webp 1536w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/What-Do-You-Need-Before-Setting-Up-an-SPF-Record-450x253.webp 450w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/What-Do-You-Need-Before-Setting-Up-an-SPF-Record-780x439.webp 780w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/What-Do-You-Need-Before-Setting-Up-an-SPF-Record-1600x900.webp 1600w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/What-Do-You-Need-Before-Setting-Up-an-SPF-Record.webp 1672w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<h3>Access Your DNS Provider<\/h3>\n<p>SPF is published by whoever manages your domain&#8217;s DNS, which is usually your domain registrar or a service like GoDaddy, Cloudflare, Namecheap, or Squarespace. Confirm you have admin login to that account, not just to Google Workspace. If your DNS is managed by an agency or IT contractor, line up the access now so you are not blocked mid-setup.<\/p>\n<h3>Check For Existing SPF Records<\/h3>\n<p>A domain can have only one SPF record, so before adding anything, check whether one already exists. Look in your DNS for any TXT record that begins with v=spf1. You can confirm in seconds with the <a href=\"https:\/\/inboxwarm.ai\/tools\/spf-checker\" target=\"_blank\" rel=\"noopener\">SPF checker<\/a>. If a record exists, you will edit it to add Google rather than create a new one. Two SPF records on the same domain cause a PermError, and authentication fails for all of your mail.<\/p>\n<h3>Back Up Current DNS Settings<\/h3>\n<p>Before you change any record, copy your existing DNS entries somewhere safe, including the current SPF value if there is one. A screenshot or a quick text export is enough. DNS edits are easy to reverse only if you know exactly what was there before, and this small step turns a stressful mistake into a one-click rollback.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"how-to-set-up-an-spf-record-in-google-workspace\"><\/span>How To Set Up An SPF Record In Google Workspace<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Setting up SPF takes seven steps, and only one of them involves typing the record itself. The process is the same across DNS hosts even though the menus are named differently.<\/p>\n<p>Follow these in order, then move straight to verification so you are not waiting on guesswork.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-1024x576.webp\" alt=\"Seven-step process diagram for adding an SPF record in Google Workspace from DNS login to verification\" width=\"1024\" height=\"576\" class=\"aligncenter size-large wp-image-1182\" srcset=\"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-1024x576.webp 1024w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-300x169.webp 300w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-768x432.webp 768w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-1536x864.webp 1536w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-450x253.webp 450w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-780x439.webp 780w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-1600x900.webp 1600w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace.webp 1672w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<h3>Step 1: Log In To Your DNS Host<\/h3>\n<p>Sign in to the account that manages your domain&#8217;s DNS. This is your registrar or DNS provider, not the Google Admin console. If you are unsure who hosts your DNS, an SPF or MX lookup on your domain will usually reveal the provider, or check where your domain was registered.<\/p>\n<h3>Step 2: Open DNS Management<\/h3>\n<p>Find the DNS settings area. Depending on the provider, it may be labeled DNS Management, DNS Zone Editor, Advanced DNS, or Manage DNS. This is the screen that lists all your existing records: A, MX, CNAME, and TXT. You will be working in the TXT section.<\/p>\n<h3>Step 3: Create A TXT Record<\/h3>\n<p>Add a new record and set its type to TXT. For the host or name field, enter @ to apply the record to your root domain (some providers want the domain itself or a blank field instead). If you send mail from a subdomain, you must add a separate SPF record for that subdomain.<\/p>\n<h3>Step 4: Add Google&#8217;s SPF Record<\/h3>\n<p>In the value or content field, paste Google&#8217;s recommended record exactly:<\/p>\n<div style=\"background-color: #f4f4f4; border: 1px solid #cfcfcf; border-left: 6px solid #9f9f9f; padding: 25px; margin: 30px 0; border-radius: 8px;\">\n<p style=\"margin: 0 0 15px 0;\">v=spf1 include:_spf.google.com ~all<\/p>\n<\/div>\n<p>If you send through other services too, merge them into this one line instead of pasting a second record. Do not add surrounding quotation marks unless your provider explicitly requires them, and watch for autocorrect turning straight quotes or hyphens into stylized characters, which breaks the syntax.<\/p>\n<h3>Step 5: Save Changes<\/h3>\n<p>Save or apply the record. Most providers confirm with a success message and show the new TXT entry in your records list. Double-check the saved value character for character against the line above, since a single missing space or stray character will cause SPF to fail.<\/p>\n<h3>Step 6: Wait For DNS Propagation<\/h3>\n<p>DNS changes are not instant. Google notes that SPF authentication can take up to 48 hours to start working, although many providers propagate within a few hours. Avoid making further edits during this window unless you spot an obvious error, since repeated changes only reset the clock.<\/p>\n<h3>Step 7: Verify The SPF Record<\/h3>\n<p>Once propagation is complete, confirm the record is live and valid. Run your domain through the <a href=\"https:\/\/inboxwarm.ai\/tools\/spf-checker\" target=\"_blank\" rel=\"noopener\">SPF checker<\/a> or send a test email to a Gmail address and inspect the headers for spf=pass.<\/p>\n<p>The next section covers verification tools in detail.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"how-to-verify-your-google-workspace-spf-record\"><\/span>How To Verify Your Google Workspace SPF Record<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Verifying your SPF record confirms three things: that it is published, that the syntax is valid, and that it stays within the 10-lookup limit. You have three reliable ways to check, from a no-install web tool to a terminal command.<\/p>\n<p>Use at least one before you trust your setup.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Verify-Your-Google-Workspace-SPF-Record-1024x576.webp\" alt=\"Three ways to verify a Google Workspace SPF record: Google Admin Toolbox, MXToolbox, and the command line\" width=\"1024\" height=\"576\" class=\"aligncenter size-large wp-image-1184\" srcset=\"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Verify-Your-Google-Workspace-SPF-Record-1024x576.webp 1024w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Verify-Your-Google-Workspace-SPF-Record-300x169.webp 300w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Verify-Your-Google-Workspace-SPF-Record-768x432.webp 768w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Verify-Your-Google-Workspace-SPF-Record-1536x864.webp 1536w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Verify-Your-Google-Workspace-SPF-Record-450x253.webp 450w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Verify-Your-Google-Workspace-SPF-Record-780x439.webp 780w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Verify-Your-Google-Workspace-SPF-Record-1600x900.webp 1600w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Verify-Your-Google-Workspace-SPF-Record.webp 1672w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<h3>Google Admin Toolbox<\/h3>\n<p>Google&#8217;s own <a href=\"https:\/\/toolbox.googleapps.com\/apps\/dig\/\" target=\"_blank\" rel=\"noopener\">Admin Toolbox Dig tool<\/a> lets you query your domain&#8217;s DNS records directly from the source. Enter your domain, select the TXT record type, and read the returned SPF string. Because it comes from Google, it is a dependable check that Workspace can see your record as published.<\/p>\n<h3>MXToolbox<\/h3>\n<p><a href=\"https:\/\/mxtoolbox.com\/spf.aspx\" target=\"_blank\" rel=\"noopener\">MXToolbox SPF Lookup<\/a> is the most widely used verification tool. It does more than display the record: it validates the syntax, counts your DNS lookups against the limit of 10, and flags issues like multiple SPF records or deprecated mechanisms. The pass or fail summary at the top tells you instantly whether the record is healthy.<\/p>\n<h3>Command Line Methods<\/h3>\n<p>If you prefer the terminal, you can query SPF directly. On macOS or Linux, use dig; on Windows, use nslookup:<\/p>\n<div style=\"background-color: #f4f4f4; border: 1px solid #cfcfcf; border-left: 6px solid #9f9f9f; padding: 25px; margin: 30px 0; border-radius: 8px;\">\n<p style=\"margin: 0 0 15px 0;\"># macOS \/ Linux<\/p>\n<p style=\"margin: 0 0 15px 0;\">dig TXT yourdomain.com +short<\/p>\n<p style=\"margin: 0 0 15px 0;\"># Windows<\/p>\n<p style=\"margin: 0 0 15px 0;\">nslookup -type=TXT yourdomain.com<\/p>\n<\/div>\n<p>Both commands return your domain&#8217;s TXT records. Look for the line starting with v=spf1 and confirm it matches what you published. The command line shows the raw record with no interpretation, which makes it the fastest way to spot a typo.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"common-spf-setup-mistakes-you-should-avoid\"><\/span>Common SPF Setup Mistakes You Should Avoid<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Most SPF problems trace back to four mistakes, and all four are avoidable. SPF is strict about format and structure, so a record that looks fine at a glance can still fail silently.<\/p>\n<p>Watch for these before and after you publish.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Common-SPF-Setup-Mistakes-You-Should-Avoid-1024x576.webp\" alt=\"Checklist of four common Google Workspace SPF setup mistakes to avoid\" width=\"1024\" height=\"576\" class=\"aligncenter size-large wp-image-1181\" srcset=\"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Common-SPF-Setup-Mistakes-You-Should-Avoid-1024x576.webp 1024w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Common-SPF-Setup-Mistakes-You-Should-Avoid-300x169.webp 300w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Common-SPF-Setup-Mistakes-You-Should-Avoid-768x432.webp 768w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Common-SPF-Setup-Mistakes-You-Should-Avoid-1536x864.webp 1536w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Common-SPF-Setup-Mistakes-You-Should-Avoid-450x253.webp 450w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Common-SPF-Setup-Mistakes-You-Should-Avoid-780x439.webp 780w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Common-SPF-Setup-Mistakes-You-Should-Avoid-1600x900.webp 1600w, https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/Common-SPF-Setup-Mistakes-You-Should-Avoid.webp 1672w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<h3>Multiple SPF Records<\/h3>\n<p>A domain can have only one SPF record. Publishing two TXT records that both start with v=spf1 causes a PermError, and receivers may stop evaluating SPF entirely. This usually happens when someone adds a new sender as a separate record instead of merging it. The fix is always to consolidate every sender into one line.<\/p>\n<h3>Incorrect TXT Record Format<\/h3>\n<p>SPF syntax is unforgiving. Extra spaces (v = spf1 instead of v=spf1), a missing colon (include _spf.google.com), or smart quotes pasted from a document will all break the record. Type or paste the value as plain text and verify it after saving.<\/p>\n<h3>SPF Lookup Limit Errors<\/h3>\n<p>SPF allows a maximum of 10 DNS lookups per evaluation, a hard limit defined in <a href=\"https:\/\/www.rfc-editor.org\/rfc\/rfc7208\" target=\"_blank\" rel=\"noopener\">RFC 7208<\/a>. Each inclusion counts toward it, and Google&#8217;s include alone uses roughly 3 to 4 lookups because it nests its own records. Stack a few more services, and you exceed 10, which triggers a PermError and fails SPF. If you are close to the limit, audit your includes and remove any sender you no longer use.<\/p>\n<h3>Missing Third-Party Sending Services<\/h3>\n<p>If a tool sends email for your domain and is not in your SPF record, its mail can fail authentication and land in spam. Marketing platforms, help desks, CRMs, and invoicing tools all send on your behalf. Every time you add a new sending service, add its include to your existing SPF record, then re-verify.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"troubleshooting-spf-issues-in-google-workspace\"><\/span>Troubleshooting SPF Issues In Google Workspace<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>When SPF is not working, the symptom usually points to the cause. Here are the four issues you are most likely to hit and how to resolve each one.<\/p>\n<h3>SPF Validation Failed<\/h3>\n<p>If a checker reports SPF as failed, start with the basics: confirm the record exists, begins with v=spf1, and contains include:_spf.google.com. A missing Google include is the most common cause, because without it Workspace servers are not authorized. Also confirm only one SPF record exists and that propagation has finished.<\/p>\n<h3>Emails Going To Spam<\/h3>\n<p>If SPF passes but mail still lands in spam, SPF is rarely the whole story. Check that DKIM is configured and signing your outbound mail, since DKIM survives forwarding where SPF does not, and confirm your DMARC alignment. Persistent spam placement on a healthy record usually points to sender reputation or content, not authentication.<\/p>\n<h3>SPF SoftFail Errors<\/h3>\n<p>A softfail (~all) result means a message came from a server not listed in your record. This is expected behavior for the ~all qualifier, but if your own legitimate mail is softfailing, a sending service is missing from your record. Identify the sender from your DMARC reports and add its include.<\/p>\n<h3>SPF PermError Issues<\/h3>\n<p>A PermError is a permanent error, and it means your record is structurally broken. The two usual causes are multiple SPF records on the domain and exceeding the 10-lookup limit. Both stop SPF evaluation completely. Consolidate to a single record and trim your includes until you are back under 10 lookups.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"do-you-need-dkim-and-dmarc-with-spf-for-google-workspace\"><\/span>Do You Need DKIM and DMARC With SPF for Google Workspace?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>SPF, DKIM, and DMARC are three layers of the same defense, and Google&#8217;s bulk sender rules expect all three. SPF verifies the sending server, DKIM verifies the message content with a cryptographic signature, and DMARC ties the two together and tells receivers what to do when a check fails. You need all three for full protection.<\/p>\n<p>Here is how they compare:<\/p>\n\n<table id=\"tablepress-114\" class=\"tablepress tablepress-id-114\">\n<thead>\n<tr class=\"row-1\">\n\t<th class=\"column-1\"><span style=\"color:#ffffff;font-weight:bold;\">Protocol<\/span><\/th><th class=\"column-2\"><span style=\"color:#ffffff;font-weight:bold;\">What It Checks<\/span><\/th><th class=\"column-3\"><span style=\"color:#ffffff;font-weight:bold;\">How It Works<\/span><\/th><th class=\"column-4\"><span style=\"color:#ffffff;font-weight:bold;\">Survives Forwarding?<\/span><\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr class=\"row-2\">\n\t<td class=\"column-1\">SPF<\/td><td class=\"column-2\">Which servers may send for your domain<\/td><td class=\"column-3\">DNS TXT record listing authorized sending sources<\/td><td class=\"column-4\">No<\/td>\n<\/tr>\n<tr class=\"row-3\">\n\t<td class=\"column-1\">DKIM<\/td><td class=\"column-2\">That the message was not altered in transit<\/td><td class=\"column-3\">Cryptographic signature verified against a public key in DNS<\/td><td class=\"column-4\">Yes<\/td>\n<\/tr>\n<tr class=\"row-4\">\n\t<td class=\"column-1\">DMARC<\/td><td class=\"column-2\">Alignment of SPF\/DKIM with the From domain<\/td><td class=\"column-3\">Policy that instructs receivers to none, quarantine, or reject<\/td><td class=\"column-4\">Policy layer<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<!-- #tablepress-114 from cache -->\n<p>Set them up in order: SPF first, then DKIM, then DMARC once both are passing. You can build the policy records with the <a href=\"https:\/\/inboxwarm.ai\/tools\/dkim-checker\" target=\"_blank\" rel=\"noopener\">DKIM checker<\/a> and the <a href=\"https:\/\/inboxwarm.ai\/tools\/dmarc-generator\" target=\"_blank\" rel=\"noopener\">DMARC <\/a><a href=\"https:\/\/inboxwarm.ai\/tools\/dmarc-generator\" target=\"_blank\" rel=\"noopener\">generator<\/a> and confirm enforcement with the <a href=\"https:\/\/inboxwarm.ai\/tools\/dmarc-checker\" target=\"_blank\" rel=\"noopener\">DMARC checker<\/a>. For a deeper breakdown of each protocol, the <a href=\"https:\/\/inboxwarm.ai\/blog\/spf-dkim-and-dmarc-explained\/\" target=\"_blank\" rel=\"noopener\">email authentication<\/a> guide defines the terms in one place.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"what-are-the-best-practices-for-spf-in-google-workspace\"><\/span>What Are the Best Practices for SPF in Google Workspace?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>A correct SPF record is not a set-and-forget task. It needs light maintenance as your sending setup changes. These four practices keep it healthy over time.<\/p>\n<h3>Maintain A Single SPF Record<\/h3>\n<p>Always keep one SPF record per domain. When you add a sender, merge its include into the existing line rather than publishing a new record. This is the single most important rule, because duplicate records are the fastest way to break authentication for your entire domain.<\/p>\n<h3>Keep Third-Party Senders Updated<\/h3>\n<p>Audit your includes whenever you add or remove an email tool. A new marketing platform needs to be added; a tool you stopped using should be removed to free up DNS lookups. An out-of-date record either fails new senders or wastes part of your 10-lookup budget on services you no longer touch.<\/p>\n<h3>Monitor Authentication Results<\/h3>\n<p>Publish a DMARC record, even at p=none, so you receive aggregate reports showing exactly which sources are sending mail as your domain and whether they pass SPF. This is how you catch a missing sender or an unauthorized one before it costs you deliverability. Monitoring turns SPF from a guess into a measured system.<\/p>\n<h3>Review DNS Records Regularly<\/h3>\n<p>Schedule a quarterly review of your SPF, DKIM, and DMARC records. Sending infrastructure drifts: vendors change their includes, teams adopt new tools, and old records linger. A short recurring check keeps your authentication aligned with how you actually send mail today.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"frequently-asked-questions\"><\/span>Frequently Asked Questions<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<style>#sp-ea-1179 .spcollapsing { height: 0; overflow: hidden; transition-property: height;transition-duration: 300ms;}#sp-ea-1179.sp-easy-accordion>.sp-ea-single {margin-bottom: 10px; border: 1px solid #e2e2e2; }#sp-ea-1179.sp-easy-accordion>.sp-ea-single>.ea-header a {color: #444;}#sp-ea-1179.sp-easy-accordion>.sp-ea-single>.sp-collapse>.ea-body {background: #fff; color: #444;}#sp-ea-1179.sp-easy-accordion>.sp-ea-single {background: #eee;}#sp-ea-1179.sp-easy-accordion>.sp-ea-single>.ea-header a .ea-expand-icon { float: left; color: #444;font-size: 16px;}<\/style><div id=\"sp_easy_accordion-1781864842\"><div id=\"sp-ea-1179\" class=\"sp-ea-one sp-easy-accordion\" data-ea-active=\"ea-click\" data-ea-mode=\"vertical\" data-preloader=\"\" data-scroll-active-item=\"\" data-offset-to-scroll=\"0\"><div class=\"ea-card ea-expand sp-ea-single\"><h3 class=\"ea-header\"><a class=\"collapsed\" id=\"ea-header-11790\" role=\"button\" data-sptoggle=\"spcollapse\" data-sptarget=\"#collapse11790\" aria-controls=\"collapse11790\" href=\"#\" aria-expanded=\"true\" tabindex=\"0\"><i aria-hidden=\"true\" role=\"presentation\" class=\"ea-expand-icon eap-icon-ea-expand-minus\"><\/i> What is the correct SPF record for Google Workspace?<\/a><\/h3><div class=\"sp-collapse spcollapse collapsed show\" id=\"collapse11790\" data-parent=\"#sp-ea-1179\" role=\"region\" aria-labelledby=\"ea-header-11790\"> <div class=\"ea-body\"><p>For domains that send only through Google Workspace, the correct record is v=spf1 include:_spf.google.com ~all. This is the value Google officially publishes. Add it as a single DNS TXT record. If you use other sending services, merge their includes into the same line rather than creating a second record.<\/p><\/div><\/div><\/div><div class=\"ea-card sp-ea-single\"><h3 class=\"ea-header\"><a class=\"collapsed\" id=\"ea-header-11791\" role=\"button\" data-sptoggle=\"spcollapse\" data-sptarget=\"#collapse11791\" aria-controls=\"collapse11791\" href=\"#\" aria-expanded=\"false\" tabindex=\"0\"><i aria-hidden=\"true\" role=\"presentation\" class=\"ea-expand-icon eap-icon-ea-expand-plus\"><\/i> Where do I add the SPF record, in Google Admin or in DNS?<\/a><\/h3><div class=\"sp-collapse spcollapse \" id=\"collapse11791\" data-parent=\"#sp-ea-1179\" role=\"region\" aria-labelledby=\"ea-header-11791\"> <div class=\"ea-body\"><p>You add SPF in your domain's DNS, not in the Google Admin console. Log in to your DNS host or registrar, open DNS management, and create a TXT record with the SPF value. Google Workspace reads the published record from DNS; it does not store it for you.<\/p><\/div><\/div><\/div><div class=\"ea-card sp-ea-single\"><h3 class=\"ea-header\"><a class=\"collapsed\" id=\"ea-header-11792\" role=\"button\" data-sptoggle=\"spcollapse\" data-sptarget=\"#collapse11792\" aria-controls=\"collapse11792\" href=\"#\" aria-expanded=\"false\" tabindex=\"0\"><i aria-hidden=\"true\" role=\"presentation\" class=\"ea-expand-icon eap-icon-ea-expand-plus\"><\/i> How long does it take for a Google Workspace SPF record to work?<\/a><\/h3><div class=\"sp-collapse spcollapse \" id=\"collapse11792\" data-parent=\"#sp-ea-1179\" role=\"region\" aria-labelledby=\"ea-header-11792\"> <div class=\"ea-body\"><p>DNS changes can take up to 48 hours to fully propagate, though many providers update within a few hours. Google specifically notes that SPF authentication may take up to 48 hours to start working. Wait for propagation before testing, and avoid making repeated edits during that window.<\/p><\/div><\/div><\/div><div class=\"ea-card sp-ea-single\"><h3 class=\"ea-header\"><a class=\"collapsed\" id=\"ea-header-11793\" role=\"button\" data-sptoggle=\"spcollapse\" data-sptarget=\"#collapse11793\" aria-controls=\"collapse11793\" href=\"#\" aria-expanded=\"false\" tabindex=\"0\"><i aria-hidden=\"true\" role=\"presentation\" class=\"ea-expand-icon eap-icon-ea-expand-plus\"><\/i> Can I have more than one SPF record on my domain?<\/a><\/h3><div class=\"sp-collapse spcollapse \" id=\"collapse11793\" data-parent=\"#sp-ea-1179\" role=\"region\" aria-labelledby=\"ea-header-11793\"> <div class=\"ea-body\"><p>No. A domain can have only one SPF record. Publishing two records that both start with v=spf1 causes a PermError and breaks SPF evaluation. When you add a new sending service, merge its include into your existing SPF record on the same line.<\/p><\/div><\/div><\/div><div class=\"ea-card sp-ea-single\"><h3 class=\"ea-header\"><a class=\"collapsed\" id=\"ea-header-11794\" role=\"button\" data-sptoggle=\"spcollapse\" data-sptarget=\"#collapse11794\" aria-controls=\"collapse11794\" href=\"#\" aria-expanded=\"false\" tabindex=\"0\"><i aria-hidden=\"true\" role=\"presentation\" class=\"ea-expand-icon eap-icon-ea-expand-plus\"><\/i> How do I verify my Google Workspace SPF record is working?<\/a><\/h3><div class=\"sp-collapse spcollapse \" id=\"collapse11794\" data-parent=\"#sp-ea-1179\" role=\"region\" aria-labelledby=\"ea-header-11794\"> <div class=\"ea-body\"><p>Use a lookup tool or the command line. Run your domain through the <a href=\"https:\/\/inboxwarm.ai\/tools\/spf-checker\" target=\"_blank\" rel=\"noopener\">SPF checker<\/a> or MXToolbox to validate syntax and lookup count, query it with dig or nslookup, or send a test email to Gmail and check the headers for spf=pass. Any one of these confirms the record is live and valid.<\/p><\/div><\/div><\/div><div class=\"ea-card sp-ea-single\"><h3 class=\"ea-header\"><a class=\"collapsed\" id=\"ea-header-11795\" role=\"button\" data-sptoggle=\"spcollapse\" data-sptarget=\"#collapse11795\" aria-controls=\"collapse11795\" href=\"#\" aria-expanded=\"false\" tabindex=\"0\"><i aria-hidden=\"true\" role=\"presentation\" class=\"ea-expand-icon eap-icon-ea-expand-plus\"><\/i> What does ~all mean at the end of the SPF record?<\/a><\/h3><div class=\"sp-collapse spcollapse \" id=\"collapse11795\" data-parent=\"#sp-ea-1179\" role=\"region\" aria-labelledby=\"ea-header-11795\"> <div class=\"ea-body\"><p>The ~all is a softfail qualifier. It tells receiving servers to accept mail from servers not listed in your record but treat it as suspicious, usually routing it to spam. It is Google's recommended default because it authenticates your mail without risking rejection of a sender you may have forgotten to include. A stricter -all rejects unlisted mail outright.<\/p><\/div><\/div><\/div><div class=\"ea-card sp-ea-single\"><h3 class=\"ea-header\"><a class=\"collapsed\" id=\"ea-header-11796\" role=\"button\" data-sptoggle=\"spcollapse\" data-sptarget=\"#collapse11796\" aria-controls=\"collapse11796\" href=\"#\" aria-expanded=\"false\" tabindex=\"0\"><i aria-hidden=\"true\" role=\"presentation\" class=\"ea-expand-icon eap-icon-ea-expand-plus\"><\/i> Why is my SPF record failing even though it looks correct?<\/a><\/h3><div class=\"sp-collapse spcollapse \" id=\"collapse11796\" data-parent=\"#sp-ea-1179\" role=\"region\" aria-labelledby=\"ea-header-11796\"> <div class=\"ea-body\"><p>The two most common hidden causes are exceeding the 10 DNS lookup limit and having a second SPF record on the domain. Both produce a PermError that stops evaluation. Other culprits include a missing include:_spf.google.com, smart quotes from a copy-paste, or stray spaces. Verify with a tool that counts lookups, not just one that displays the record.<\/p><\/div><\/div><\/div><div class=\"ea-card sp-ea-single\"><h3 class=\"ea-header\"><a class=\"collapsed\" id=\"ea-header-11797\" role=\"button\" data-sptoggle=\"spcollapse\" data-sptarget=\"#collapse11797\" aria-controls=\"collapse11797\" href=\"#\" aria-expanded=\"false\" tabindex=\"0\"><i aria-hidden=\"true\" role=\"presentation\" class=\"ea-expand-icon eap-icon-ea-expand-plus\"><\/i> Do I still need DKIM and DMARC if I have SPF?<\/a><\/h3><div class=\"sp-collapse spcollapse \" id=\"collapse11797\" data-parent=\"#sp-ea-1179\" role=\"region\" aria-labelledby=\"ea-header-11797\"> <div class=\"ea-body\"><p>Yes. SPF only verifies the sending server and it breaks when mail is forwarded. DKIM adds a signature that survives forwarding, and DMARC ties both to your From domain and sets enforcement. Google requires bulk senders to run all three. Set up SPF first, then DKIM and DMARC.<\/p><\/div><\/div><\/div><\/div><\/div>\n<h2><span class=\"ez-toc-section\" id=\"final-thoughts\"><\/span>Final Thoughts<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Setting up an SPF record in Google Workspace comes down to one line of text in the right place. Publish v=spf1 include:_spf.google.com ~all as a single DNS TXT record, keep it to one record per domain, stay under 10 lookups, and verify it after propagation. That is the whole job, and it is the foundation every other deliverability gain is built on.<\/p>\n<p>SPF is necessary, but it is not sufficient on its own. It verifies the server, not the message, and it does not survive forwarding. Pair it with DKIM and DMARC to meet Google&#8217;s requirements in full and to give your domain real protection against spoofing. Treat the three as one system, set them up in order, and monitor the results so a missing sender never quietly costs you the inbox.<\/p>\n<p>Authentication gets your mail eligible for the inbox. What earns it a consistent place there is reputation, built through steady, engaged sending over time. Get your Google Workspace SPF record right today, then keep the trust signals strong, and your campaigns stop fighting the spam filter and start landing where they belong.<\/p>\n<div style=\"background-color: #0e3e5d; color: #ffffff; padding: 40px; border-radius: 10px; margin: 40px 0; font-family: sans-serif;\">\n<h2 style=\"color: #ffffff; margin-top: 0; margin-bottom: 20px;\"><span class=\"ez-toc-section\" id=\"a-clean-spf-record-authenticates-you-but-a-cold-domain-still-has-no-reputation\"><\/span>A clean SPF record authenticates you, but a cold domain still has no reputation.<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"margin-bottom: 20px; color: #e0e0e0;\">InboxWarm.ai builds that track record automatically, ramping up your sending the way inboxes expect from a trusted sender. Start free for 10 days, no card required.<\/p>\n<p><a class=\"generic-btn-wrap\" style=\"color: \n#ffffff; text-decoration: none; font-weight: bold;\" href=\"https:\/\/app.inboxwarm.ai\/users\/sign_up\" target=\"_blank\" rel=\"noopener\">Get Started with InboxWarm.ai Today<\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>TL;DR To set up an SPF record in Google Workspace, add a single DNS TXT record at your domain host with the value v=spf1 include:_spf.google.com ~all. This authorizes Google&#8217;s mail servers to send email for your domain. Save the record, wait up to 48 hours for DNS propagation, then verify it with a lookup tool. [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1183,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[28],"tags":[],"class_list":["post-1177","post","type-post","status-publish","format-standard","has-post-thumbnail","category-authentication"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How to Set Up an SPF Record in Google Workspace: Complete Setup Guide<\/title>\n<meta name=\"description\" content=\"Set up your Google Workspace SPF record the right way. Get Google&#039;s official SPF value, a 7-step setup walkthrough, verification tips, and fixes for errors.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Set Up an SPF Record in Google Workspace: Complete Setup Guide\" \/>\n<meta property=\"og:description\" content=\"Set up your Google Workspace SPF record the right way. Get Google&#039;s official SPF value, a 7-step setup walkthrough, verification tips, and fixes for errors.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/\" \/>\n<meta property=\"og:site_name\" content=\"InboxWarm\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-20T10:36:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-06-23T07:53:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-Complete-Setup-Guide.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1672\" \/>\n\t<meta property=\"og:image:height\" content=\"941\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Editorial Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Editorial Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"15 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/\"},\"author\":{\"name\":\"Editorial Team\",\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/#\\\/schema\\\/person\\\/965c5081af44fb9a5de76b4cc81014b8\"},\"headline\":\"How To Set Up An SPF Record In Google Workspace: Complete Setup Guide\",\"datePublished\":\"2026-06-20T10:36:40+00:00\",\"dateModified\":\"2026-06-23T07:53:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/\"},\"wordCount\":3113,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-Complete-Setup-Guide.webp\",\"articleSection\":[\"Authentication\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/\",\"url\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/\",\"name\":\"How to Set Up an SPF Record in Google Workspace: Complete Setup Guide\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-Complete-Setup-Guide.webp\",\"datePublished\":\"2026-06-20T10:36:40+00:00\",\"dateModified\":\"2026-06-23T07:53:02+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/#\\\/schema\\\/person\\\/965c5081af44fb9a5de76b4cc81014b8\"},\"description\":\"Set up your Google Workspace SPF record the right way. Get Google's official SPF value, a 7-step setup walkthrough, verification tips, and fixes for errors.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/#primaryimage\",\"url\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-Complete-Setup-Guide.webp\",\"contentUrl\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-Complete-Setup-Guide.webp\",\"width\":1672,\"height\":941,\"caption\":\"Diagram of a Google Workspace SPF record in a DNS TXT field passing an SPF authentication checkpoint into the inbox\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/google-workspace-spf-record-setup\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How To Set Up An SPF Record In Google Workspace: Complete Setup Guide\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/\",\"name\":\"InboxWarm\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/#\\\/schema\\\/person\\\/965c5081af44fb9a5de76b4cc81014b8\",\"name\":\"Editorial Team\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/5743c33766d00a414694fdb2a7c34a97643cecdad3989b02bef97232ac4d5c47?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/5743c33766d00a414694fdb2a7c34a97643cecdad3989b02bef97232ac4d5c47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/5743c33766d00a414694fdb2a7c34a97643cecdad3989b02bef97232ac4d5c47?s=96&d=mm&r=g\",\"caption\":\"Editorial Team\"},\"url\":\"https:\\\/\\\/inboxwarm.ai\\\/blog\\\/author\\\/editorialteam\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Set Up an SPF Record in Google Workspace: Complete Setup Guide","description":"Set up your Google Workspace SPF record the right way. Get Google's official SPF value, a 7-step setup walkthrough, verification tips, and fixes for errors.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/","og_locale":"en_US","og_type":"article","og_title":"How to Set Up an SPF Record in Google Workspace: Complete Setup Guide","og_description":"Set up your Google Workspace SPF record the right way. Get Google's official SPF value, a 7-step setup walkthrough, verification tips, and fixes for errors.","og_url":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/","og_site_name":"InboxWarm","article_published_time":"2026-06-20T10:36:40+00:00","article_modified_time":"2026-06-23T07:53:02+00:00","og_image":[{"width":1672,"height":941,"url":"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-Complete-Setup-Guide.webp","type":"image\/webp"}],"author":"Editorial Team","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Editorial Team","Est. reading time":"15 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#article","isPartOf":{"@id":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/"},"author":{"name":"Editorial Team","@id":"https:\/\/inboxwarm.ai\/blog\/#\/schema\/person\/965c5081af44fb9a5de76b4cc81014b8"},"headline":"How To Set Up An SPF Record In Google Workspace: Complete Setup Guide","datePublished":"2026-06-20T10:36:40+00:00","dateModified":"2026-06-23T07:53:02+00:00","mainEntityOfPage":{"@id":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/"},"wordCount":3113,"commentCount":0,"image":{"@id":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#primaryimage"},"thumbnailUrl":"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-Complete-Setup-Guide.webp","articleSection":["Authentication"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/","url":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/","name":"How to Set Up an SPF Record in Google Workspace: Complete Setup Guide","isPartOf":{"@id":"https:\/\/inboxwarm.ai\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#primaryimage"},"image":{"@id":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#primaryimage"},"thumbnailUrl":"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-Complete-Setup-Guide.webp","datePublished":"2026-06-20T10:36:40+00:00","dateModified":"2026-06-23T07:53:02+00:00","author":{"@id":"https:\/\/inboxwarm.ai\/blog\/#\/schema\/person\/965c5081af44fb9a5de76b4cc81014b8"},"description":"Set up your Google Workspace SPF record the right way. Get Google's official SPF value, a 7-step setup walkthrough, verification tips, and fixes for errors.","breadcrumb":{"@id":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#primaryimage","url":"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-Complete-Setup-Guide.webp","contentUrl":"https:\/\/inboxwarm.ai\/blog\/wp-content\/uploads\/2026\/06\/How-To-Set-Up-An-SPF-Record-In-Google-Workspace-Complete-Setup-Guide.webp","width":1672,"height":941,"caption":"Diagram of a Google Workspace SPF record in a DNS TXT field passing an SPF authentication checkpoint into the inbox"},{"@type":"BreadcrumbList","@id":"https:\/\/inboxwarm.ai\/blog\/google-workspace-spf-record-setup\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/inboxwarm.ai\/blog\/"},{"@type":"ListItem","position":2,"name":"How To Set Up An SPF Record In Google Workspace: Complete Setup Guide"}]},{"@type":"WebSite","@id":"https:\/\/inboxwarm.ai\/blog\/#website","url":"https:\/\/inboxwarm.ai\/blog\/","name":"InboxWarm","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/inboxwarm.ai\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/inboxwarm.ai\/blog\/#\/schema\/person\/965c5081af44fb9a5de76b4cc81014b8","name":"Editorial Team","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/5743c33766d00a414694fdb2a7c34a97643cecdad3989b02bef97232ac4d5c47?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/5743c33766d00a414694fdb2a7c34a97643cecdad3989b02bef97232ac4d5c47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5743c33766d00a414694fdb2a7c34a97643cecdad3989b02bef97232ac4d5c47?s=96&d=mm&r=g","caption":"Editorial Team"},"url":"https:\/\/inboxwarm.ai\/blog\/author\/editorialteam\/"}]}},"_links":{"self":[{"href":"https:\/\/inboxwarm.ai\/blog\/wp-json\/wp\/v2\/posts\/1177","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/inboxwarm.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/inboxwarm.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/inboxwarm.ai\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/inboxwarm.ai\/blog\/wp-json\/wp\/v2\/comments?post=1177"}],"version-history":[{"count":4,"href":"https:\/\/inboxwarm.ai\/blog\/wp-json\/wp\/v2\/posts\/1177\/revisions"}],"predecessor-version":[{"id":1189,"href":"https:\/\/inboxwarm.ai\/blog\/wp-json\/wp\/v2\/posts\/1177\/revisions\/1189"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/inboxwarm.ai\/blog\/wp-json\/wp\/v2\/media\/1183"}],"wp:attachment":[{"href":"https:\/\/inboxwarm.ai\/blog\/wp-json\/wp\/v2\/media?parent=1177"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/inboxwarm.ai\/blog\/wp-json\/wp\/v2\/categories?post=1177"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/inboxwarm.ai\/blog\/wp-json\/wp\/v2\/tags?post=1177"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}