Confirm spf added correctly

Hope you can help with this! Not receiving email at one of our addresses. Our web host suggested this was due to a missing SPF. I think I followed the directions from the help center, but this is all new for me so I’m hoping some more knowledgeable person can confirm what I did is correct.

Here’s what is now on our DNS record (with edits to hide personal info):
Type: TXT
Content: v=spf1 +mx +a +ip4:xxx.xx.xx.xx ~all -
TTL: Auto
Proxy Status: DNS only

Thanks for your help,

The trailing hyphen shouldn’t be there, but apart from that it looks like a valid SPF record, of course assuming the entry is correct which nobody else than you and your mail host can tell.

You might want to familiarise yourself with Sender Policy Framework - Wikipedia

But SPF is for sending emails, not receiving them, so you probably rather want to check out Email Troubleshooting

1 Like

Wow, Sandro, thanks so much for getting back to me so fast! Re. the hyphen, that was a typo on my part and wasn’t in the record I added.

However, you said SPF was for sending and I seem to be able to send okay, but I can’t receive anything on one email address.

So did my web host steer me wrong when she told me to add an SPF record in Cloudflare to receive email? If so, can they help or do I have to work this out with Cloudflare?

I will check out the links you sent, too. Thank you.


Cloudflare generally does not handle email at all, so the forum here would be unfortunately the wrong place to clarify that. The only thing that would be Cloudflare related would be that you should make sure that all email related records are :grey:. But that’s already covered by aforementioned tutorial.

Apart from that, if you have problems receiving emails, then you can safely ignore SPF as that is only sending related.

If you post the domain, the DNS records in questions could be checked.

Thanks again, Sandro. Appreciate the information re. Cloudflare and email.

What’s odd is that our cpanel does say “Problems Exist for SPF: A “SPF” record does not exist for this domain.” And even odder that all this just happened. Up until May 26, email was coming in to the problem account (and all others) just fine. Agh, technology is not easy for us on techy types!

All that aside, I’ll gladly post our domain for the DNS to be checked. It’s

Sure appreciate your help and I’m working through the articles you linked me to.


You do have an SPF record for that domain.

nslookup -type=txt
Address:     text =

        "v=spf1 +mx +a ...."

But as I mentioned, the SPF record is not involved when receiving emails.

As for that, you do have an MX record which points to an IP address ending in 198. If that is the correct IP address, then you should receive emails just fine. The only thing, the record is proxied, when it should not be, but not even that should necessarily be an issue.

For clarification, is the issue actually receiving emails (they don’t arrive at your mail server) or rather fetching them? If it is the latter, you might be connecting to a proxied record and that brings us back to the point I originally mentioned.

Sandro, you are my new best friend. Thank you for all your information and, especially, for checking out our record!

Yes, that IP address is correct. There also is a warning icon beside the MX record telling me it “exposes the IP address behind which you have proxied”. Do I need to fix that somehow, too?

As for your question re. receiving mail, not 100% sure of the answer. I know they don’t show up in WebMail on the server. Does that mean they aren’t getting to the server. Oddly enough, the other emails at (i.e., linda, info, admin) all arrive in their respective inboxes just fine. So to me that suggests some other issue besides a Cloudflare one???


Nothing to fix here, anything that is not web related has to be unproxied and will “expose” the address. Exposing in this context means that the resolved address will be the actual address and not Cloudflare’s proxies.

Most likely, if it is just one single address there’ll be an issue on your host’s side. Anything mail related is something you need to take up with your host I am afraid.

Okay, thanks for the reassurance re. the MX warning. I understand that.

As for the email, I’ll go back to our host as you suggested.

One further question, Sandro: should I delete the SPF record I just created as a TXT? Or just leave it alone??

Thanks again.

Why would you delete it? Please check out the Wikipedia link I posted earlier as that goes into details about SPF.

Got it, Sondra. I hadn’t read it before asking my question. I’ll read the docs you suggest to gain more understanding of all this.
UPDATE: Aha, now I see. The S in SPF stands for Sender! Also, I refreshed the page on my host that told there was an SPF problem and it now says it’s VALID. All good news so really glad you told me not to delete it! :slight_smile:

Thanks for all your help. Shall I post back what I learn from our host? Or is it relevant given email is not really relevant to Cloudflare.

Thanks again.

Lots of posters changed me into Sandra, but Sondra is a new :smile:

Probably not necessary. Email really is far beyond of what Cloudflare is handling and there’s already plenty of tutorials, so just make sure your DNS records are correct (which they are, except for the MX record being proxied, which you still might want to fix) but anything that is mail server related really is just between you and your host. Cloudflare does not really come into the picture here.

Just as quick summary, SPF essentially is a text string which is associated with your domain via its DNS records and specifies which IP addresses are authorised to send emails for that domain. The exact syntax is explained in the Wikipedia article.

Sandro, sorry about that. Blame it on overload of stuff beyond my understanding resulting in brain fog!

Please see my update to my message above the one I’m now replying to. Thanks, too, for your “quick summary” re. SPF. The Wikipedia article does flesh out my understanding, that’s for sure!

Final question: should I be fixing that MX issue re. proxy? If so, can you direct me to a link that tells me how? Please.

Thank you for all your time, help and new learning, Sandro … much appreciated.


No worries :smile:, I got used to it, stopped counting how many people turned me into a girl so far :crazy_face:.

Generally yes. Because Cloudflare automatically “unproxies” such records, it’s not necessarily an issue, but ideally it should not be proxied to begin with.

I assume your MX record currently points to your naked domain, right? Create another unproxied A record named mail, point it to the same address as your naked domain, and then point your MX record to that record. That’s it.

The MX record gives Name as and Content as Does that mean it’s pointing to our naked domain?

Its Status says “DNS Only” not “Proxied” as all the A and CNAME records do. So it doesn’t seem as if it is proxied or am I completely confused?

Maybe I should just leave it as is, but save your instructions in case issues arise??

In that case you should change the proxy status of your mail record.

OK. That is the CNAME record for mail, correct? It is proxied.

Not sure about your question. But the record your MX record is pointing to should not be proxied.

Got it, Sandro. The one I mentioned is the one it’s pointing to.