Summary
When configuring SPF records for SendinBlue, it's crucial to prioritize email deliverability by adhering to established best practices. Using a subdomain for SendinBlue is highly recommended to isolate your primary domain's reputation and protect it from potential deliverability issues. Avoid multiple SPF records; consolidate all authorized sending sources, including SendinBlue and Google Workspace, into a single SPF record using 'include:' mechanisms. Be mindful of SPF record limitations: stay within the 255-character limit and adhere to the 10 DNS lookup limit. Proper syntax is essential to prevent evaluation errors. Understand that SPF authenticates the envelope from/return path/bounce domain, not the domain visible in the email client. The MX mechanism can often be dropped as unnecessary. If near the DNS lookup limit, consider SPF flattening. Ensure a valid SPF record exists to prevent emails from being flagged as spam or rejected.
Key findings
- Subdomain Recommended: Using a subdomain for SendinBlue separates your sending reputation and protects your primary domain.
- Single SPF Record Required: Multiple SPF records are invalid; consolidate all sending sources into one record.
- SPF Limits: SPF records must be under 255 characters and adhere to the 10 DNS lookup limit.
- SPF Authenticates Return Path: SPF authenticates the envelope from/return path/bounce domain, not the display domain.
- Proper SPF setup: SPF records are essential for preventing spoofing, and improving deliverability.
Key considerations
- Syntax Matters: Ensure correct SPF syntax to prevent evaluation errors.
- Impact of Missing SPF: Missing or misconfigured SPF records can lead to emails being flagged as spam or rejected.
- Consider SPF Flattening: Use SPF flattening to reduce DNS lookups if approaching the limit.
- MX Mechanism Optional: The MX mechanism can often be dropped from the SPF record.
- Order of Statements: Place more 'expensive' lookups (like 'mx' or 'a') near the end of the SPF record.
What email marketers say
11 marketer opinions
When configuring SPF records for SendinBlue, it's crucial to avoid common pitfalls and adhere to best practices to ensure optimal email deliverability. A key recommendation is to use a subdomain instead of your primary domain for sending emails via SendinBlue. This isolates your primary domain's reputation and protects it from potential deliverability issues arising from marketing campaigns. Multiple SPF records for a single domain are invalid; instead, consolidate all authorized sending sources, including SendinBlue, into a single SPF record using 'include:' mechanisms. Ensure your SPF record remains under the 255-character limit and adheres to the 10 DNS lookup limit to prevent authentication failures. Prioritize accurate syntax and proper SPF record formatting to avoid common setup errors.
Key opinions
- Subdomain Usage: Using a subdomain for SendinBlue is recommended to separate sending reputation from the primary domain.
- Single SPF Record: Only one SPF record should exist per domain; combine all authorized senders into one record.
- SPF Record Limits: SPF records must be under 255 characters and adhere to the 10 DNS lookup limit.
- Record Importance: SPF records are important for preventing spoofing, and improving deliverability.
Key considerations
- SPF Syntax: Ensure the SPF record uses correct syntax to avoid evaluation errors.
- Deliverability Impact: Missing or misconfigured SPF records can lead to emails being flagged as spam or rejected.
- SPF Flattening: Consider SPF flattening techniques to reduce DNS lookups if you're approaching the limit.
- Order of statements: Consider putting more 'expensive' lookups near the end of the SPF record.
Marketer view
Email marketer from Email Geeks shares that, 'It's possible to set up your organizational domain, as the “domain” in SendinBlue but it’s highly recommended against as you want the sender reputation of your organizational domain to have some separation from the subdomain for marketing.'
16 Mar 2023 - Email Geeks
Marketer view
Email marketer from Reddit shares that it's recommended to use a subdomain for sending emails with SendinBlue. This helps to separate your sending reputation from your main domain and protects it from potential damage if your email campaigns have issues.
25 Apr 2025 - Reddit
What the experts say
3 expert opinions
When configuring SPF records, particularly in conjunction with SendinBlue or other ESPs, it's critical to use a subdomain rather than your bare domain to isolate reputation and prevent deliverability issues. You must ensure all sending sources are included in a single SPF record using 'include:' mechanisms instead of creating multiple SPF records. Additionally, remember that SPF authenticates the envelope from/return path/bounce domain, not the domain visible in the mail client, and the MX mechanism can often be dropped as unnecessary.
Key opinions
- Subdomain for ESPs: Use a subdomain for SPF records when using ESPs to isolate reputation.
- Single SPF Record: Consolidate all sending sources into a single SPF record using 'include:' mechanisms.
- Authentication Domain: SPF authenticates the envelope from/return path/bounce domain, not the visible domain.
Key considerations
- MX Mechanism: The MX mechanism might be unnecessary and can be dropped from the SPF record.
- Reputation Isolation: Using a subdomain helps protect your primary domain's reputation from potential deliverability issues caused by ESPs.
- Multiple SPF Records: Having multiple SPF records is invalid and will cause issues with email authentication.
Expert view
Expert from Spam Resource answers that if you use multiple email service providers, such as Sendinblue, you must ensure all are included within a single SPF record for your domain. This involves using 'include:' mechanisms for each provider, rather than creating separate SPF records, which is invalid.
1 Aug 2022 - Spam Resource
Expert view
Expert from Email Geeks explains that you can drop the MX mechanism and that one MX is sufficient but unnecessary. Also clarifies SPF authenticates the envelope from/return path/bounce domain, not the domain seen in the mail client.
4 Oct 2024 - Email Geeks
What the documentation says
4 technical articles
To ensure optimal email deliverability, you must authenticate your domain with SPF and DKIM records as instructed by SendinBlue. Your SPF record should include all authorized sending sources, including third-party email marketing platforms. Be mindful of the 10 DNS lookup limit for SPF records; exceeding this limit can cause authentication failures, and flattening your SPF record might be necessary. You can add or update your SPF record through your domain settings, following specific syntax guidelines to incorporate services like Google Workspace.
Key findings
- Domain Authentication: Authenticating your domain with SPF and DKIM is crucial for email deliverability.
- Include All Sources: SPF records must include all authorized sending sources, including third-party services.
- Lookup Limit: SPF records are limited to 10 DNS lookups; exceeding this limit causes authentication failures.
Key considerations
- SendinBlue Instructions: Follow SendinBlue's specific instructions for generating and adding SPF and DKIM records.
- SPF Record Syntax: Adhere to proper syntax when adding or updating your SPF record to include Google Workspace or other services.
- SPF Flattening: Consider SPF flattening if your record approaches or exceeds the 10 DNS lookup limit.
Technical article
Documentation from RFC specification answers that an SPF record should include all authorized sources which are able to send mail on behalf of the domain, including any third-party services such as email marketing platforms.
12 Sep 2021 - RFC
Technical article
Documentation from SendinBlue explains that you need to authenticate your domain to improve deliverability. This involves adding SPF and DKIM records to your domain's DNS settings. They provide specific instructions for generating and adding these records within the SendinBlue platform.
13 Apr 2023 - SendinBlue
How can I optimize my SPF record to stay within the lookup limit when using multiple email sending services?
Do I need to include Mailchimp's SPF record in my domain's SPF if Mailchimp handles the bounce address?
Do small email senders need their own SPF/DKIM records or can they rely on their ESP?
How do I set up an SPF record when using multiple email sending services?
Can I use my TLD for SAP with Marketing Cloud when it's also used for corporate email?
How do I properly set up SPF and DKIM records for email marketing, including handling multiple SPF records, IP ranges, bounce capturing, and Google Postmaster Tools verification?
