Fix SPF for Microsoft 365
Stop legitimate email bouncing or landing in spam by getting your SPF record right for Microsoft 365.
Why SPF matters
SPF tells receiving mail servers which hosts are allowed to send email for your domain. Without it — or with a broken record — messages from Microsoft 365 can fail authentication.
The Microsoft 365 include
Most Microsoft 365 tenants should publish a TXT record like: v=spf1 include:spf.protection.outlook.com -all. Use ~all while testing, then tighten to -all when you are confident nothing else sends mail for the domain.
Check before you change
Use the MrTech email check tool to see your current SPF, DMARC and DKIM status. If you also send from a website form, CRM or newsletter platform, add their include entries before the final all mechanism.
Try it now
Run the related tools
Need a hand?
Run the tools. Then talk to us.
Use our free diagnostics to see what is wrong, then get Melbourne IT support for the fix.
Keep reading
More guides
Set up DMARC for your business
Move from none to quarantine with a policy that protects your domain from spoofing without breaking legitimate mail.
- What DMARC actually does
- Start with monitoring
Email security best practices
Reduce phishing, spoofing and invoice fraud with authentication, filtering, and habits your team can maintain.
- Authenticate your domain
- Filter before the inbox