Quotes in SPF from Apple iCloud+


I am following the tutorial from here: Cloudflare config for iCloud+ Custom Email Domain

but in my case Apple wants me to add double quotes to the SPF record:

Should I follow Apple or the tutorial here?

(Ignore the highlighted line, it is the SPF entry what is in question not DKIM.)


SPF records in general should not contain quotes and should start v=spf1 so I’m not sure why Apple recommend that or have the double quotes.


I don’t think that line is correct. I am expecting its an issue of Text parsing or something.

I’d add it without quotes. Personally.

I’d also consider substituting the tilde with a -, to make all other IPs actually fail, and not pass. Especially to check if the record works.


Oh so just like that? Thanks.




Thank you very much all! Appreciated, I was really confused by this.


I am not really sure about this, shall I really do that? What is the benefit for me, the owner of my family email domain :slight_smile: But Apple already proved to be incorrect, so I guess I will just trust you in this.

Just to confirm is this the normal - dash character like on the US keyboard next to zero number, or some kind of special minus sign?

Normal minus sign. It’s a small change that allows you to decide what happens to the IPs not in the iCloud allowed list of senders. The tilde is a soft fail, meaning they fail, but are allowed through, the minus is a hard fail, so they don’t pass.

I have mine all set to the minus. Just remember that only iCloud is allowed to send emails, if you use any other service you need to add it there and allow it (as you should regardless).

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.