SPF fix
How to Add an SPF Record in AWS Route 53
Publish SPF as a TXT in your Route 53 zone — quote the value the way AWS likes or the console complains.
Why Route 53 rejects “naked” TXT values
AWS wants TXT data quoted. Fat-finger the format and the record saves — then SPF fails in weird ways.
What the record looks like
Record type: TXT
Record name: @ (or leave blank for apex per console)
Value: "v=spf1 include:_spf.google.com ~all"
TTL: 300 (testing) or 3600+ (stable)
Paste your full SPF string. The console usually adds quotes for you.
Create the TXT in the hosted zone
Step 1 AWS Console → Route 53 → Hosted zones → select your domain
Step 2 Create record → Record type: TXT
Step 3 Record name: @ or blank for apex · Value:
"v=spf1 ... ~all" with quotes as requiredStep 4 TTL: 300s while testing, then increase
Step 5 Save and verify with DNS Preflight
Run DNS Preflight to read authoritative TXT and count SPF lookups
Open DNS Preflight →Related glossary:
SPF record ·
DMARC
FAQ
Quote requirement in Route 53?
Yes — TXT payloads are quoted strings. Use the console format; values often look like "v=spf1 ... ~all".
Hosted zone vs registrar?
Publish where DNS is hosted. Registrar ≠ DNS — if the zone delegates to Route 53, SPF goes here.
TTL recommendation?
Use 300s while you’re changing things. Crank it up once stable.
Multiple value entries?
Yes for long strings — AWS splits per their docs. Still one logical SPF.
Verification?
Run DNS Preflight. It hits live resolvers and expands SPF.