Upgrade for Live Support

All of our paid plans come with access to our highly experienced technical support team.

  • Contact us via Email, Phone, or Ticket
  • Detailed Explanation of Your Lookup Results
  • Guidance to Help Resolve Your Problems
  • RFC Compliance Best Practices
  • Blacklist Delisting Support

Let our experts help you resolve your spf issue!

Get Spf Support
MTA-STS
BIMI
DMARC
DKIM
DOMAIN
DNS
HTTP
HTTPS
DOMAIN BLACKLIST
TCP
SMTP
BLACKLIST
CNAME
WHOIS
SPF

SPF Alignment

What you see when your domain has this problem
SPF Alignment Failed Details area Ignore

More Information About Spf Alignment

DMARC ASPF Tag

 

This particular tag indicates the SPF identifier alignment portion of your DMARC policy. Like the adkim designation, the aspf tag can be utilized in relaxed (r) or strict (s) modes. Successful alignment happens when the “Mail-From” address and the “From” address domains are identical. In addition, it automatically defaults to the aspf=r setting.

Highlighted below is an aspf tag used in a DMARC record:

v=DMARC1; p=quarantine; pct=25 ; rua=mailto:dmarcreports@mxtoolbox.com; aspf=strict;

Relaxed SPF Alignment

In relaxed SPF Alignment, the MailFROM domain and the Header From domain must be an exact match or a parent/child match (i.e. example.com and child.example.com). The parent/child match type allows any subdomain and parent domain pair to generate a PASS result. Also worth noting, in the parent/child match scenario either the MailFROM domain or the Header From domain can be the parent or the child domain. When the relaxed setting is specified in a DMARC record it will look like the below example:

Relaxed SPF Alignment tag in a DMARC record (aspf=r)
v=DMARC1; p=quarantine; pct=25 ; rua=mailto:dmarcreports@mxtoolbox.com; ruf=mailto:dmarcfailurereports@mxtoolbox.com; aspf=r;
 

Pass / Fail Scenarios in Relaxed Alignment

MailFrom Domain is Header From Domain is Result is
mail.example.com example.com PASS
example.mail.com example.com FAIL
 

Strict SPF Alignment

In strict (s) alignment, a DMARC record will expressed with the aspf=s tag published as illustrated below:

Strict SPF Alignment tag in DMARC record (aspf=s)
v=DMARC1; p=quarantine; pct=25 ; rua=mailto:dmarcreports@mxtoolbox.com; ruf=mailto:dmarcfailurereports@mxtoolbox.com; aspf=s;
 

Pass / Fail Scenarios in Strict SPF Alignment

Now, with aspf=s tag published, the MailFROM domain and the Header From domain must exactly match. Below are two examples, one displaying an exact match generating a PASS result and another displaying parent/child domains that generat a FAIL result.

MailFROM Domain is Header From Domain is Result is
mail.example.com mail.example.com PASS
mail.example.com example.com FAIL

 

Your Email Deliverability is in Jeopardy!

Blacklisting is a sign that you are not actively managing your email deliverability. Other technologies - SPF, DKIM and DMARC are now just as important to get your email placed in the Inbox of your recipients. If you aren’t managing email deliverability, your message may never be heard.

MxToolbox Delivery Center Features:

  • Insight into your SPF, DKIM and DMARC configuration to ensure your sending email properly
  • DMARC Compliance checks for all of your reported email
  • Adaptive Blacklist Monitoring of all your email senders
  • Recommendations for improving DMARC compliance and DMARC policies
  • Event-based reminders for emergent issues and on-going maintenance

DMARC is a necessity for your business!

  Learn More about Email Delivery

burritos@banana-pancakes.com braunstrowman@banana-pancakes.com finnbalor@banana-pancakes.com ricflair@banana-pancakes.com randysavage@banana-pancakes.com