SPF Record Setup for E-Commerce Stores
Learn how to set up SPF records for your e-commerce store. Complete examples for Shopify, WooCommerce, and BigCommerce with common email provider combos.
E-commerce stores send a lot of email. Order confirmations, shipping notifications, abandoned cart reminders, promotional campaigns, password resets, customer support replies -- the list goes on. And each of those emails typically flows through a different service. Your storefront platform sends transactional messages, your marketing tool handles campaigns, and your team communicates through a business email provider.
If your SPF record doesn't authorize all of these services, some of your emails will fail authentication and land in spam. For an online store, that means missed order confirmations, ignored promotions, and frustrated customers who never see their shipping updates.
Why E-Commerce SPF Records Are More Complex
A typical e-commerce business sends email from three to four different sources:
- Storefront platform -- Shopify, WooCommerce, or BigCommerce sends order confirmations, shipping updates, and account notifications
- Marketing platform -- Klaviyo, Mailchimp, or Omnisend sends campaigns, flows, and promotional emails
- Transactional email service -- SendGrid, Amazon SES, or Mailgun handles high-volume transactional messages (especially common with WooCommerce)
- Team email -- Google Workspace or Microsoft 365 handles your internal team's day-to-day email
Each of these needs its own include mechanism in your SPF record. The challenge is fitting them all within the 10 DNS lookup limit.
Complete SPF Examples by E-Commerce Stack
Here are ready-to-use SPF records for the most common e-commerce setups. You can also use the free SPF record generator to build a custom record for your specific combination of providers.
Shopify + Klaviyo + Google Workspace
This is one of the most popular e-commerce stacks. Shopify handles your storefront email (per Shopify's SPF documentation), Klaviyo manages marketing automation (per Klaviyo's DNS authentication guide), and Google Workspace covers team email.
v=spf1 include:shops.shopify.com include:spf.klaviyo.com include:_spf.google.com -all
| Provider | Include | Est. Lookups |
|---|---|---|
| Shopify | include:shops.shopify.com | 1-2 |
| Klaviyo | include:spf.klaviyo.com | 1-2 |
| Google Workspace | include:_spf.google.com | 3-4 |
| Total | 5-8 |
This combination fits comfortably within the 10-lookup limit with room to spare for an additional service if needed.
WooCommerce + Mailchimp + Google Workspace
WooCommerce doesn't have its own email infrastructure like Shopify does. It relies on your hosting server's mail function or -- much better -- a dedicated SMTP plugin. Most WooCommerce stores use SendGrid, Mailgun, or Amazon SES for transactional email.
v=spf1 include:sendgrid.net include:spf.mandrillapp.com include:_spf.google.com -all
| Provider | Include | Est. Lookups |
|---|---|---|
| SendGrid (WooCommerce SMTP) | include:sendgrid.net | 1-2 |
| Mailchimp (Mandrill) | include:spf.mandrillapp.com | 1-2 |
| Google Workspace | include:_spf.google.com | 3-4 |
| Total | 5-8 |
WooCommerce itself doesn't appear in your SPF record. The include you need depends on which SMTP plugin or transactional email service you've connected to WooCommerce. Check your WooCommerce email settings to see which service is actually sending your store's emails.
BigCommerce + SendGrid + Microsoft 365
BigCommerce stores often use SendGrid for both transactional and marketing email, with Microsoft 365 for team communication.
v=spf1 include:sendgrid.net include:spf.protection.outlook.com -all
| Provider | Include | Est. Lookups |
|---|---|---|
| SendGrid (BigCommerce + marketing) | include:sendgrid.net | 1-2 |
| Microsoft 365 | include:spf.protection.outlook.com | 2-3 |
| Total | 3-5 |
This is a lean setup with plenty of headroom for additional providers.
Common E-Commerce Providers and Their SPF Includes
If your stack doesn't match the examples above, here are the SPF include values for the most common e-commerce email providers:
| Provider | SPF Include |
|---|---|
| Shopify | include:shops.shopify.com |
| Klaviyo | include:spf.klaviyo.com |
| Mailchimp | include:spf.mandrillapp.com |
| Omnisend | include:spf.omnisend.com |
| SendGrid | include:sendgrid.net |
| Amazon SES | include:amazonses.com |
| Mailgun | include:mailgun.org |
| Postmark | include:spf.mtasv.net |
| Google Workspace | include:_spf.google.com |
| Microsoft 365 | include:spf.protection.outlook.com |
Setting Up Your E-Commerce SPF Record
Identify every service that sends email from your domain
Log in to your storefront admin, your marketing platform, any transactional email service, and your team email provider. If it sends email using your domain name in the "from" address, it needs to be in your SPF record.
Generate your SPF record
Use the free SPF record generator to build your record. Select each provider from the list and the tool assembles the correct syntax and counts your lookups automatically.
Add the TXT record to your DNS
Log in to your DNS provider (your domain registrar or a service like Cloudflare). Create a TXT record on your root domain (@) with your SPF record as the value. If you already have an SPF record, edit it -- don't create a second one.
Verify the record is working
After DNS propagation, use SPF Record Check to confirm your record is valid, has no errors, and is within the lookup limit.
What Happens If You Skip SPF
For e-commerce stores, poor email deliverability directly impacts revenue. Order confirmation emails that land in spam create support tickets and erode customer trust. Marketing campaigns that get filtered mean lower open rates and wasted ad spend driving traffic to promotions nobody sees. Password reset emails that don't arrive mean abandoned carts and lost customers.
Google and Yahoo now require SPF, DKIM, and DMARC for bulk senders. If your store sends more than 5,000 emails per day, you must have all three configured or your emails will be rejected -- not just filtered to spam, but blocked entirely.
Watch for Lookup Limit Issues
E-commerce stacks can grow quickly. You start with Shopify and Google Workspace, add Klaviyo for marketing, integrate a review platform that sends emails, and connect a helpdesk. Before you know it, you're bumping against the 10-lookup limit.
If you're approaching the 10-lookup limit, consider moving marketing or transactional email to a subdomain like mail.yourstore.com. This gives that email stream its own SPF record and its own 10-lookup budget. It's cleaner than SPF flattening and easier to maintain long-term.
Monitor your records regularly with Deliverability Checker to catch issues before they affect your customers.
Related Articles
Never miss an SPF issue
Monitor your SPF, DKIM, DMARC and MX records daily. Get alerts when something breaks.
Start Monitoring