When configuring my SPF records, should I be using a hard fail or a soft fail?
While we cannot provide a definite answer, the following information will help you better understand the difference to make an educated decision on whether you should use a hard fail for SPF, or a soft fail for SPF.
The main difference between the two is pretty simple. Is it on the list?
A hard fail, for example, is going to look like this:
v=spf1 ip4 126.96.36.199 -all
If mail is being sent from another server that's not the IP in the SPF, the receiving server will discard it.
With a soft fail, this will get tagged as spam or suspicious. A soft fail would look like this:
v=spf1 ip4 188.8.131.52 ~all