DigitalOcean

Question

How to set up SPF for Google Apps and Sendgrid

I’m using sendgrid.com to send emails from my Django app to confirm user’s emails during registration, and for other notification purposes. The sender for these emails is webmaster@ifbt.farm. I added CNAME records per the sendgrid instructions.

I later set up a Google business account with two email addresses, ddrake@ifbt.farm and kdrake@ifbt.farm. I added MX records per the Google instructions.

I’ve read a bit about SPF, and I understand that I need to add a txt record, with an include directive, but I need to be sure that I’m not blocking any of these emails.

The article https://www.digitalocean.com/community/tutorials/how-to-create-a-spf-record-for-your-domain-with-google-apps seems quite old, and contains a broken link.

Can someone help me out with the correct SPF text line for this case?

Thanks

Show comments
Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Dow DrakeMarch 20, 2024
Accepted Answer

Hi Bobby,

Thanks for your help on this. I finally got a clear answer back from SendGrid support. Quoting Yashashwini:

The SPF that we instruct our users to add (via [domain authentication–see here for more](https://sendgrid.com/docs/User_Guide/Settings/Sender_authentication/How_to_set_up_domain_authentication.htm l)) is created using a different hostname value for the CNAME which ensures other SPF records (TXT) are left unaffected. If you do have any examples of SPF failures for messages sent via SendGrid and want further investigation, please provide us some examples and additional context for us to troubleshoot.

Based on this, I’m going to leave the automated SendGrid security as is and simply add this TXT record v=spf1 include:_spf.google.com ~all to my domain so that my Google Workspace emails have SPF enabled. The SendGrid emails should continue to work with SPF enabled.

Bobby Iliev
Site Moderator
Site Moderator badge
March 13, 2024

Hey!

In general, all that you would need to do in order to add the Google SPF, is to create a TXT record with the following content:

v=spf1 include:_spf.google.com ~all

Here is the official Google documentation for this:

https://support.google.com/a/answer/10684623?hl=en

However, in your case, you want to ensure that both Google and SendGrid are authorized to send emails on behalf of your domain.

And as SendGrid has some custom automation in place, you might need to reach out to the SendGrid support team so that they can advise you further on how to add the Google domain reference to their custom SPF automation. As it is not really clear from their documentation if there is a way to do this:

https://docs.sendgrid.com/ui/account-and-settings/spf-records

Since you’re using Google Workspace and SendGrid, your SPF record will need to include both. It’s important not to create multiple SPF TXT records for a domain, as this can cause validation issues. Instead, you should combine the necessary parts into a single SPF record.

Let me know how it goes!

Best,

Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Sign up

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Learn more

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Learn more

Featured on Community
Kubernetes CourseLearn Python 3Machine Learning in PythonGetting started with GoIntro to Kubernetes
DigitalOcean Products
CloudwaysVirtual MachinesManaged DatabasesManaged KubernetesBlock StorageObject StorageMarketplaceVPCLoad Balancers
Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel
© 2024 DigitalOcean, LLC.Sitemap.