What are ptr, exists, exp, and macro mechanisms?

Still have a question, spotted an error, or have a better explanation or a source we should cite?

These are the less-common end of the SPF mechanism toolkit. Most senders never need them. But if you're reading SPF records at scale, working with a large ESP's infrastructure, or debugging something unusual, it helps to know they exist. ptr. Checks whether the sending IP's reverse DNS (PTR record) resolves to the specified domain. Sounds useful, but it's explicitly discouraged in the SPF specification because PTR lookups are slow and unreliable. If you see ptr in a production SPF record, that's a legacy configuration that probably hasn't been cleaned up.

exists:. Performs a DNS query to check whether a given domain resolves. If it does, the mechanism matches. This isn't about checking an IP against an address range. It's a way to build dynamic rules using DNS. Large ESP infrastructures sometimes use this for conditional authorization. Unusual in the wild for standard senders.

exp=. Points to a TXT record containing an explanation string that gets returned to sending servers when a message fails SPF with a hard fail. It's not a mechanism in the evaluation sense; it's a modifier. Most senders don't bother with it because the explanation rarely reaches end users.

Macros. SPF has a macro language that lets record authors write dynamic values that expand during evaluation. For example, %{i} expands to the sending IP, and %{d} expands to the domain. Macros are how large-scale ESP and security systems build per-sender SPF policies without publishing millions of individual records. As a regular sender, you'll probably never write macros. But if you're debugging an SPF record from a major sending platform and you see %{i} inside a DNS path, that's what it means.

For most senders, your SPF record should stick to the standard mechanisms: use ip4, include, and maybe a or mx, followed by -all or ~all. If you think you need ptr or exists, it's worth pausing to check whether there's a simpler approach. Our free SPF checker can validate your record and flag any unusual mechanisms.

Contributors

Who worked on this answer

Every name links to their profile. Every company links to their site. Real people, real accountability.

Ask an AI · tailored to your setup

Get a read on whether your advanced SPF configuration makes sense.

I read this on the Email Almanac about advanced SPF mechanisms. My SPF record contains [paste the relevant part of your record, e.g., a ptr or exists mechanism]. I'm trying to understand [describe, e.g., "whether I should remove a ptr mechanism from an old record" or "what the macros in my ESP's SPF record are doing" or "whether the exp= modifier is worth setting up"].

Edit the yellow boxes, then send to the AI of your choice.