• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2031
  • Last Modified:

What is the meaning of the SMTP error "451 4.7.0 SPF tempfail: DNS timeout"


We are receiving this error on mails mails send to one specific domain.
Mails are not delivered. When I remove the SPF record I don't get an error message and I am currently waiting for a reply from the recipient. I sent the email using telnet so there is no way of tracing the message.

But I can not leave our domain without SPF record. So I need to figure out what is happening.

Thanks for any help.

  • 2
1 Solution
BrainSolutionsAuthor Commented:
Hello all,

I found the problem and the solution. My SPF record was not sufficient as it missed a host in the domain for which the spf record served.

It workes normally now.

BrainSolutionsAuthor Commented:
An SPF record that covers multiple domains shoud contain A pointers to hosts within all the domains
Actually that isn't completely accurate.

All the SPF record needs is the sending IP(s) for that domain.  If your domain is example.com, and your sending servers are and, then your SPF record would be:
"v=spf1 ip4: ip4: -all"

Open in new window

If you are DKIM signing, which you should be, then I suggest changing -all to ~all

If you want to post your SPF record, I can double check it for best practices and such.

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now