--- title: "SPF Record" slug: "spf-record" updated: 2025-09-16T13:11:04Z published: 2025-09-16T13:11:04Z --- > ## Documentation Index > Fetch the complete documentation index at: https://docs.mapp.com/llms.txt > Use this file to discover all available pages before exploring further. # SPF Record ## Overview The **Sender Policy Framework (SPF)** is an email authentication protocol that helps protect your domain from spoofing and phishing. It verifies that messages claiming to come from your domain are actually sent from servers you’ve authorized. SPF is critical for: - Preventing unauthorized use of your domain in the "return path" (envelope sender) - Improving email deliverability and sender reputation - Enhancing protection against phishing attacks Once SPF is set up, your domain becomes less attractive to spammers, making your emails more likely to reach recipients' inboxes. > [!NOTE] > To configure SPF for your **Mapp Engage** system, please **contact your customer service representative**. --- ## Configuration and Behavior ### 1. Understand What SPF Does - SPF authenticates the **envelope sender address** (also called the **SMTP return path**). - The SPF record lists all servers allowed to send emails on behalf of your domain. - It is published in your domain's **DNS** settings. - Receiving mail servers look up this record to determine whether a message from your domain is legitimate. - Emails sent from unauthorized servers are rejected or marked as spam. --- ### 2. Add Mapp Engage to Your DNS To allow Mapp Engage to send emails using your domain: 1. Access your domain’s DNS settings. 2. Add or update your SPF TXT record to include Mapp’s mail servers. 3. This authorizes Mapp Engage to send authenticated emails from addresses like `@mydomain.com`. **Note:**Even if your domain already has an SPF record, you must **explicitly add Mapp Engage** to it. --- ### 3. Using Subdomains If you're sending from a **subdomain** (e.g., `@sales.mybrand.com`) that doesn’t yet have an SPF record, you must create or update the SPF record **separately** for that subdomain—even if the parent domain has one. --- ### 4. Understand SPF Behavior in Mapp Engage - When SPF is configured, the **group domain** (based on the DNS entry) is **automatically assigned** when you create a new group. - This domain cannot be edited after creation. - You can still manually define a **From Address** in the group settings. - This From Address must also be authorized by SPF if it’s different from the group domain. --- ### 5. Header Behavior Mapp Engage distinguishes between two types of addresses in email headers: - **Return Path** = the envelope sender or **SMTP Return-Path** - **From Address** = the sender address visible to recipients Here’s how they behave: - If Mapp is **not** authorized to send from the specified **From Address**, the SPF check **fails**. - If Mapp **is** authorized to send from it, SPF **passes**, even if the From Address differs from the Return Path. - **SPF does not compare** these two addresses — it only checks the Return Path. - However, to pass **DMARC**, the Return Path and From Address must **match**. > [!WARNING] > 💡 **Best practice:** Keep the Return Path and From Address identical unless you have a specific reason not to. Deliverability is the ability of an email to reach a recipient’s inbox successfully. It is influenced by factors like sender reputation, authentication, and engagement. A score that reflects the trustworthiness of an email sender, influencing deliverability and inbox placement. ## Related - [Group Creation: Reply Handling](/reply-handling-tab.md)