The Skysnag Blog

Multiple SPF records on a domain?

October 11, 2023  |  < 1 min read

Can more than one SPF record be present on the same domain? The answer is no; if a domain contains more than one SPF record, SPF will fail with a PermError.

A TXT record in the DNS known as an SPF record is one that begins precisely with “v=spf1” and is followed by a variety of mechanisms and/or modifiers.

A domain’s TXT records with the identical first character “v=spf1” are fetched to start an SPF check:

  • It returns “none” if no such record is found 
  • If more than one such record is discovered, it returns PermError.

For instance, if has two TXT records:

Record TypeNameValueTTL
TXTyourdomain.comv=spf1 -allDefault
TXTyourdomain.comv=spf1 -allDefault

All emails sent on’s behalf will include PermError SPF authentication failures.

You must include all the mechanisms that have legitimate IP addresses in a single SPF record in order to fix the issue, as demonstrated below:

Record TypeNameValueTTL
TXTyourdomain.comv=spf1 -allDefault

All of these prerequisites must be satisfied for SPF authentication to succeed:


Skysnag automates SPF for you preventing multiple SPF records from being generated. This saves you the trouble and time required for manual configuration. Avoid PermError SPF authentication failures right away and use Skysnag’s automated software to safeguard your domain’s reputation from compromised business emails, password theft, and potentially significant financial losses. Sign up using this link and monitor your email flow with Skysnag.

Check your domain’s DMARC security compliance

Enforce DMARC, SPF and DKIM in days - not months

Skysnag helps busy engineers enforce DMARC, responds to any misconfigurations for SPF or DKIM which increases email deliverability, and eliminates email spoofing and identity impersonation.