How to Create an SPF Record for Brevo
Learn how to create an SPF record for Brevo (formerly Sendinblue). Step-by-step guide with the correct include, common combinations, and tips.
Brevo -- formerly known as Sendinblue -- is an email marketing and transactional email platform used by thousands of small and mid-sized businesses. Whether you're sending newsletters, automated campaigns, or transactional emails like order confirmations, you need an SPF record that authorizes Brevo to send email on behalf of your domain. Without one, receiving mail servers have no way to verify that Brevo is a legitimate sender for your domain, which means your emails are far more likely to end up in spam.
This guide covers everything you need to set up SPF for Brevo, including the correct include value, how to combine it with other services, and how to verify your record.
The SPF Include for Brevo
Per Brevo's domain authentication guide, the SPF include mechanism for Brevo is:
include:sendinblue.com
Yes, it still uses the old Sendinblue domain. Even though the company rebranded to Brevo in 2023, the sending infrastructure and SPF include haven't changed. If you see guides referencing sendinblue.com in SPF records, they're still correct.
The SPF include sendinblue.com works for both Brevo's marketing email platform and its transactional email service (formerly Sendinblue SMTP). You only need one include regardless of which Brevo features you use.
A basic SPF record for Brevo looks like this:
v=spf1 include:sendinblue.com -all
This tells receiving mail servers that Brevo's servers are authorized to send email for your domain, and that all other servers should be rejected. You can use the free SPF record generator to build your record with the correct Brevo include alongside any other services you use.
Step-by-Step: Creating Your SPF Record for Brevo
Check for an existing SPF record
Go to SPF Record Check and enter your domain. If an SPF record already exists, you'll need to edit it rather than create a new one. A domain can only have one SPF record -- creating a second one breaks email authentication entirely.
Build your SPF record
If Brevo is your only email sending service, your record is simply v=spf1 include:sendinblue.com -all. If you also use Google Workspace, Microsoft 365, or another service for day-to-day email, you'll need to include those too. Use the SPF Creator tool to build a record with all your services.
Log in to your DNS provider
Go to whatever service manages your domain's DNS -- this might be GoDaddy, Cloudflare, Namecheap, or your domain registrar. Navigate to the DNS records or DNS management section.
Add or edit the TXT record
If no SPF record exists, create a new TXT record with the name @ (representing your root domain) and paste your SPF record as the value. If an SPF record already exists, edit it and add include:sendinblue.com before the -all at the end.
Save and wait for propagation
Save the record. DNS changes typically propagate within a few minutes to a few hours, depending on your provider. Some providers like Cloudflare propagate almost instantly.
Verify in Brevo's dashboard
Go to your Brevo account settings and check the domain authentication section. Brevo will verify that your SPF record is correctly configured. You can also verify independently at SPF Record Check.
Common SPF Record Combinations With Brevo
Brevo is almost always used alongside a primary email provider for everyday business email. Here are the most common setups:
| Setup | SPF Record |
|---|---|
| Brevo only | v=spf1 include:sendinblue.com -all |
| Brevo + Google Workspace | v=spf1 include:sendinblue.com include:_spf.google.com -all |
| Brevo + Microsoft 365 | v=spf1 include:sendinblue.com include:spf.protection.outlook.com -all |
| Brevo + Zoho Mail | v=spf1 include:sendinblue.com include:zoho.com -all |
| Brevo + Google Workspace + SendGrid | v=spf1 include:sendinblue.com include:_spf.google.com include:sendgrid.net -all |
| Brevo + Microsoft 365 + Mailchimp | v=spf1 include:sendinblue.com include:spf.protection.outlook.com include:servers.mcsv.net -all |
The most typical scenario is Brevo for marketing and transactional email, paired with Google Workspace or Microsoft 365 for employee inboxes. If you're using Brevo for both marketing campaigns and transactional emails (like password resets or order confirmations), you still only need the one include:sendinblue.com.
Monitor your email authentication
After setting up SPF for Brevo, make sure it keeps working. Get daily checks on your SPF, DKIM, and DMARC records.
Verifying Your SPF Record
After adding the SPF record to your DNS, verify that it's live and correctly formatted.
Go to SPF Record Check and enter your domain. The tool will display your published SPF record, validate the syntax, count the total DNS lookups, and flag any problems. Confirm that include:sendinblue.com appears in the record and that the total lookup count is 10 or fewer, as required by RFC 7208.
You should also send a test email through Brevo to an external email address. Check the email headers on the receiving end and look for Authentication-Results: spf=pass. If you see spf=fail or spf=neutral, your SPF record may be missing the Brevo include or there may be a syntax error.
Brevo's domain authentication dashboard shows the status of your SPF, DKIM, and DMARC records. Check it after making DNS changes -- Brevo will tell you if anything is missing or misconfigured.
Common Mistakes With Brevo SPF Records
Searching for "brevo.com" Instead of "sendinblue.com"
Since the rebrand, many users try include:brevo.com in their SPF record. This is incorrect. The SPF include is still include:sendinblue.com. Using the wrong domain means your Brevo emails won't pass SPF checks.
Creating a Duplicate SPF Record
If your domain already has an SPF record for Google Workspace or Microsoft 365, don't add a second TXT record starting with v=spf1. Having two SPF records causes a permerror per RFC 7208 that breaks authentication for every email from your domain -- not just Brevo emails. Edit the existing record and add the Brevo include to it.
Forgetting Brevo Transactional Email
Some businesses set up Brevo for marketing campaigns but forget they're also using Brevo's transactional email API for things like password resets or account notifications. Both services use the same include, so if you have include:sendinblue.com in your SPF record, both are covered. But if you remove Brevo from your SPF record thinking you only used it for marketing, your transactional emails will start failing too.
Not Updating After Switching From Sendinblue
If you set up SPF back when the platform was called Sendinblue, your record should already have include:sendinblue.com -- and it's still correct. Don't change it. The include hasn't changed with the rebrand, and changing it to something else would break your setup.
Complete Your Email Authentication
SPF alone isn't enough for reliable email delivery. For the best deliverability and protection against spoofing, set up all three email authentication protocols:
- SPF authorizes which servers can send email for your domain (what you just configured)
- DKIM adds a cryptographic signature to each email, proving it wasn't tampered with in transit. Use DKIM Creator to generate your DKIM records for Brevo
- DMARC tells receiving servers what to do when SPF or DKIM checks fail. Use DMARC Creator to create your DMARC policy
Brevo provides DKIM keys in your account's domain authentication settings. Adding all three protocols gives you the strongest email authentication setup and the best chance of inbox placement.
Related Articles
Monitor Your SPF Record
Your SPF record is live -- but DNS records can be accidentally deleted, overwritten during domain transfers, or broken by unrelated changes. Daily monitoring catches these problems before they affect your email deliverability.
Never miss an SPF issue
Monitor your SPF, DKIM, DMARC and MX records daily. Get alerts when something breaks.
Start Monitoring