But nobody else says that anything's wrong!
People often say:
This flawed logic misses several points.
What matters is what is not delivered.
If you have a good SPF record, mail forged to look like it came from you won't be delivered only if the recipient checks your SPF record.
But if the recipient doesn't check it, then they simply won't know if the mail is forged or not. They may rely on other ways of deciding whether or not to accept it, or they may just accept it.
Some systems don't work properly and even if they do check your SPF record, they ignore if there are errors in it.
Our systems never ignore your SPF record.
Our systems always test your SPF record.
Usually, if your SPF record is broken, our systems will reject all mail from you.
So is there something wrong with my SPF record?
What should my SPF record say?
Your published SPF record should say:
"Mail from my domain only ever comes from servers on this list. Everything else is forged."
By setting up a good SPF record you are taking a step to prevent forgery.
Help! It's complicated!
Many SPF records are incorrectly formed.
Sometimes it was perfectly correct when it was first deployed but it has been forgotten; then changes in your email infrastructure (for example a change of email provider) mean that it's no longer appropriate. Then the old record might well be telling the world,
"All the mail that I send is forged!"
Many receivers ignore your SPF record (perhaps they don't care about forgeries) and your mail isn't rejected by them.
The trouble then is that when you send mail to us, it is rejected, so you think it must be our problem. Unfortunately, it isn't our problem or we'd fix it.
Our systems Do The Right Thing.
You have a problem, and it's up to you to get it fixed.
We can help, and we can tell you what the problem is (in terms that you will understand), but we don't have the authority to fix the problem for you unless you give it to us.