What is the maximum length of an SPF TXT record string?

The maximum length of an SPF record is a common source of confusion. Many people see a '255 character limit' warning and believe their entire SPF record must be shorter than that. While there is a limit, it doesn't work the way most people think. The short answer is that an individual string within a TXT record is limited to 255 characters, but you can use multiple strings to create a much longer SPF record.

This distinction is critical for creating a valid SPF record that doesn't cause validation issues for your emails.

Suped DMARC monitor

Free forever, no credit card required

Get started for free

Trusted by teams securing millions of inboxes

The technical specification for DNS, which SPF is built upon, defines a limit for a single character string in a TXT record. According to RFC 7208, the protocol that defines SPF, an SPF record is stored within a TXT record. The TXT record type itself has a limitation where a single text string cannot be longer than 255 bytes (or characters).

Automatic SPF Management says:

Visit website

A single String in a TXT or SPF record cannot exceed 255 bytes, but a single record is allowed to contain multiple Strings.

However, the same rules allow a single TXT record to contain multiple character strings. When an email server looks up your SPF record, it's designed to fetch all these individual strings and concatenate them, or join them together, into a single line of text before evaluating it. This means you can create an SPF record that is much longer than 255 characters by simply splitting it into multiple quoted strings.

While you can split your record into multiple 255-character strings, there is still a practical limit on the total length of the TXT record. Most DNS providers will support a total length of several thousand characters. For example, Amazon Web Services states that they support a maximum value of 4,000 characters.

Amazon Web Services, Inc. says:

Visit website

A value of up to 255 characters in one string; Multiple strings of 255 characters in a single TXT record; Maximum length of a value of 4,000 characters;

The more important limitation you will almost certainly encounter first is the SPF 10 DNS lookup limit. The SPF specification states that a record cannot require more than 10 DNS lookups to be fully resolved. Mechanisms like include, a, mx, and exists all count towards this limit. Long SPF records are often a symptom of having too many services, which leads to exceeding this lookup limit.

To format an SPF record longer than 255 characters, you must break it down into separate strings, each enclosed in double quotes ("). Your DNS provider's interface should allow you to enter these strings one after another in the value field for the TXT record.

For example, a long SPF record might look like this in your DNS zone file:

"v=spf1 include:_spf.google.com include:sendgrid.net include:servers.mcsv.net" " include:mail.zendesk.com ip4:192.168.0.1 ~all"

Thankfully, many modern DNS hosting providers have simplified this. They often provide a single large text box where you can paste your entire SPF record, and they will automatically split it into 255-character chunks for you behind the scenes. It's always a good idea to use an SPF checker tool after making changes to ensure it's being read correctly.

When managing SPF records, especially long ones, a few common mistakes can lead to major email deliverability problems.

• Creating multiple SPF records. A domain must only have one SPF record. If you publish more than one, recipient servers will become confused and may reject the record entirely, resulting in a 'permerror'. As WP Mail SMTP points out, this can cause your emails to be rejected or marked as spam. You must merge all your sending sources into a single record.
• Ignoring the 10 DNS lookup limit. This is the most frequent cause of SPF validation failures. Even if your record is under the character limit, exceeding 10 lookups will also cause a 'permerror'. You must regularly audit your record to remove unnecessary entries or use subdomains to delegate certain services.
• Incorrect syntax. Forgetting the space between concatenated strings or using incorrect quotation marks can invalidate your record. Always double-check your syntax.

In conclusion, the 255-character limit for SPF records is not as restrictive as it seems. By understanding that it applies to individual strings within a TXT record, you can create valid records that are much longer. However, always be mindful of the more critical 10-lookup limit, as this is the constraint that typically causes problems for growing businesses.