Does every email platform handle SPF the same way?

Still have a question, spotted an error, or have a better explanation or a source we should cite?

Short answer: no, they don't. How your ESP handles SPF depends entirely on which domain it actually sends your email from. That one detail changes what you need to do in your DNS.

There are two main models you'll run into.

Model 1: Your ESP sends from its own domain. Here, the email technically leaves from something like mail.espname.com, even if your name appears in the From field. Because the sending domain belongs to the ESP, their SPF record already covers it. You don't need to touch your DNS for SPF at all. Mailchimp works this way by default for unverified domains.

Model 2: Your ESP sends from your domain. Here, the email leaves from you@yourdomain.com at the SMTP level. Now the receiving server checks your domain's SPF record, and if it doesn't include your ESP's sending servers, SPF fails. You need to add an include: statement to your DNS, something like include:sendgrid.net for Twilio SendGrid, or include:_spf.brevo.com for Brevo.

How do you know which model your ESP uses? The fastest way is to look at the raw headers of a sent email. Find the Return-Path or envelope-from field. If it shows a domain that isn't yours, your ESP is covering SPF on its end. If it shows your domain, you need to add the include yourself.

The other place to check is your ESP's authentication documentation. Most platforms have a dedicated setup guide, often titled something like "custom domain authentication" or "SPF and DKIM setup." If it tells you to add a DNS record, you're in Model 2. If it doesn't mention DNS at all, you're probably in Model 1 (though you should still verify with the headers).

But one thing worth noting: even if your ESP handles SPF automatically today, that can change when you enable custom domain sending. Many platforms start you on shared infrastructure and then shift you to your own domain once you verify it. Don't assume the model stays the same after you update your settings.

If you want to confirm what's actually passing, our free Email Header Analyzer will show you exactly what the authentication results look like for a real sent message. Paste the headers in and it'll tell you whether SPF passed, which domain was checked, and whether everything lines up the way it should.

Contributors

Who worked on this answer

Every name links to their profile. Every company links to their site. Real people, real accountability.

Ask an AI · tailored to your setup

Check your SPF setup

I'm setting up SPF for my ESP name and I'm not sure whether I need to add anything to my DNS or whether they handle it automatically. Based on the two models below, tell me which one my ESP likely uses, what I should look for in the email headers to confirm it, and exactly what DNS record I'd need to add if I'm in Model 2. My sending domain is my domain. I'd also like to know if there are any situations where the model could change (like enabling custom domain sending).

Edit the yellow boxes, then send to the AI of your choice.