An SPF record must start with the format `v=spf1`; otherwise, it will be disregarded.
An SPF record (Sender Policy Framework record) is a type of TXT record that defines the email-sending policies for a domain. It’s a simple text entry located within the domain’s DNS records. Since SPF records are meant to be read and processed by machines, they must follow a strict format.
The record must begin with v=spf1 to specify the version of SPF in use. Currently the only active version of SPF is version 1, hence all SPF records my start with v=spf1. This initial declaration is mandated in the SPF standard documented under RCF 7208. SPF records that do not start with this declaration MUST be disregarded.
Consequently, email servers will ignore the SPF record entirely, effectively treating it as if no SPF record exists. This misconfiguration leaves your domain susceptible to email spoofing and may negatively impact email deliverability.
To mitigate this issue, ensure that all SPF TXT records for your email-sending domains start with the value v=spf1. You should be able to get correct SPF records from your email provider, however, ensure that the provided configuration is correct and does not include any special characters or other formatting that would render the record ineffective. The best method for detecting SPF records that fail due to formatting issues is with a SkySiege Cloud Assessment which detects any invalid SPF records including those starting with invisible characters or other troublesome issues:
SkySiege Cloud Security Assessments scan for this issue and provide same-day reports..
Available for individual projects or organisations.
