KnowBe4 SPF Setup 

SPF (Sender Policy Framework) is an email authentication protocol that prevents unauthorized senders from sending emails on behalf of your domain. By validating the sending servers, SPF helps protect against spoofing and phishing.

This guide explains how to configure SPF for KnowBe4, a platform that provides security awareness training and simulated phishing to help organizations strengthen their human firewall.

KnowBe4 SPF Requirements

Note: Before you add KnowBe4 to your SPF record, you’ll need to disable the return-path header in your KSAT Account Settings. For more information, see our Change the Return-Path Header in Your Account Settings article.

 If you’re already using Sendmarc for SPF management, simply copy ‘include:_spf.psm.knowbe4.com’ and follow the steps here.

To authorize KnowBe4 to send emails on your domain’s behalf:

  1. Log in to your domain’s DNS dashboard.
  2. Go to the page where you can update the DNS settings on that domain.
  3. Check if a TXT record starting with v=spf1 already exists.
    • If it exists, modify the existing record to include KnowBe4 (details in the table below).
    • If not, create a new TXT record.

Example of an updated SPF record:

HostTypeValue
@ or blankTXTv=spf1 include:another.net include:_spf.psm.knowbe4.com ~all

Example of a new SPF record:

HostTypeValue
@ or blankTXTv=spf1 include:_spf.psm.knowbe4.com ~all
  1. Save your changes in the DNS control panel.

Allow up to 48 hours for DNS propagation, depending on your DNS host.

How to update your SPF settings using Sendmarc

For detailed instructions on how to update your SPF record through Sendmarc, refer to the Sendmarc SPF Setup Documentation. 

KnowBe4’s Documentation

Refer to KnowBe4’s official documentation for SPF setup here.

Looking for DKIM Settings?

Find out how to configure your KnowBe4 DKIM settings here.