1. Make sure that you have an SPF record in the domain that you use as your Return-Path domain.
  2. Make sure that you have an SPF record in your HELO/EHLO domain in case of bounces where the Return-Path domain is empty.
  3. Make sure there is a single SPF record per domain.
  4. Make sure that the SPF record syntax is correct.
  5. Make sure that your Return-Path domain aligns with the From domain.
  6. Make sure that your authorised senders are part of the SPF record.
  7. Make sure that unauthorised senders are not in your SPF record.
  8. Make sure that you do not go over the 10 DNS lookup limit imposed by SPF. If you have gone over the 10 DNS lookup limit you will have to consider using a feature such as OnDMARC’s Dynamic SPF 

9. Make sure that deprecated SPF record mechanisms such as the “ptr” mechanism are not used in your SPF record.
10. Make sure that your SPF record starts with "v=spf1".

Did this answer your question?