DNS provider

Add an SPF record in DigitalOcean DNS

SPF must be a single TXT starting with v=spf1 at the domain that sends mail. DigitalOcean DNS will let you break this with duplicate TXT — don’t.

Provider gotcha: For DKIM, the hostname field is only the left part — e.g. google._domainkey — not the full google._domainkey.example.com.

Reference: SPF DNS.

Step by step

Step 1 DigitalOcean Control Panel → Networking → Domains → select your domain → Add record.

Step 2 TXT record. For root domain SPF: Type TXT, enter the hostname fragment and paste the value. Apex often appears as @..

Step 3 Single SPF only — merge vendors into one string:

v=spf1 include:_spf.google.com ~all

Step 4 Save. For DKIM, the hostname field is only the left part — e.g. google._domainkey — not the full google._domainkey.example.com.

Step 5 Propagation: Usually minutes; TTL and recursive caches still apply.

Step 6 Use DNS Preflight — SPF tree shows lookup count. Link: SPF guide.

DNS Preflight — full auth check for your domain.

Open DNS Preflight →

Propagation — compare resolvers.

Open DNS Propagation →

FAQ

Can I add two SPF TXT records?

No — merge into one v=spf1 string or you get PermError.

How does DigitalOcean DNS want SPF quoted?

Follow the code block on this page; Route 53 requires quotes around the full TXT.

Why PermError after saving?

Syntax error, duplicate SPF, or over 10 DNS lookups — use Preflight’s SPF tree.

Include SendGrid and Google?

Yes in one record: v=spf1 include:... include:... ~all — watch lookup count.

How long until live?

Usually <strong>minutes</strong>; TTL and recursive caches still apply.

← DigitalOcean DNS hub · All DNS providers