{"id":4585,"date":"2025-12-28T13:44:28","date_gmt":"2025-12-28T13:44:28","guid":{"rendered":"https:\/\/emailwarmup.com\/blog\/?p=4585"},"modified":"2026-03-05T13:21:21","modified_gmt":"2026-03-05T13:21:21","slug":"spf-softfail-vs-hardfail","status":"publish","type":"post","link":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/","title":{"rendered":"SPF Softfail vs Hardfail [Which Should You Use?]"},"content":{"rendered":"\n<figure class=\"wp-block-image size-full\"><img fetchpriority=\"high\" decoding=\"async\" width=\"3533\" height=\"2248\" src=\"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg\" alt=\"Softfail vs Hardfail\" class=\"wp-image-4587\"\/><\/figure>\n\n\n\n<p>Every <a href=\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-record\/\">SPF record<\/a> ends with an &#8220;all&#8221; mechanism that tells receiving servers how to handle unauthorized senders. Softfail (~all) marks them suspicious. Hardfail (-all) rejects them outright.<\/p>\n\n\n\n<p>The choice seems obvious \u2014 reject unauthorized mail, right?&nbsp;<\/p>\n\n\n\n<p>But hardfail creates problems that softfail avoids, and <a href=\"https:\/\/emailwarmup.com\/blog\/email-authentication\/dmarc\/\">DMARC<\/a> has changed the security calculus entirely.<\/p>\n\n\n\n<p>This decision affects:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Whether forwarded emails bounce or survive<\/li>\n\n\n\n<li>How early rejection can bypass DKIM authentication<\/li>\n\n\n\n<li>Whether DMARC gets a chance to make the final call<\/li>\n<\/ul>\n\n\n\n<p>For most domains that send email, softfail is the smarter choice \u2014 parked domains are the exception.<\/p>\n\n\n\n<p>Let\u2019s compare both SPF softfail vs hardfail in this read, and see what is better for your email authentication and <a href=\"https:\/\/emailwarmup.com\/blog\/email-deliverability\/what-is-email-deliverability\/\">deliverability<\/a>.\u00a0<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What does ~all actually mean in an SPF record?<\/h2>\n\n\n\n<p>The tilde (~) before &#8220;all&#8221; signals a weak statement of non-authorization. It tells receiving servers that this IP probably isn&#8217;t authorized, but don&#8217;t reject the message \u2014 flag it for closer scrutiny instead.<\/p>\n\n\n\n<p>In practice, softfail usually results in:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Email delivered to spam\/junk folder<\/li>\n\n\n\n<li>Message tagged as suspicious<\/li>\n\n\n\n<li>Lower trust score applied<\/li>\n<\/ul>\n\n\n\n<p>The email still arrives. Recipients can find it (even if buried in spam). <a href=\"https:\/\/emailwarmup.com\/blog\/email-authentication\/dkim\/\">DKIM<\/a> and DMARC still get evaluated \u2014 which matters more than most people realize.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How does hardfail (-all) differ?<\/h2>\n\n\n\n<p>The hyphen (-) before &#8220;all&#8221; is an absolute statement \u2014 this IP is <em>not<\/em> authorized. Receiving servers are instructed to reject or delete the message immediately.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>Mechanism<\/td><td>Symbol<\/td><td>Message to receiver<\/td><\/tr><tr><td>Softfail<\/td><td>~<\/td><td>&#8220;Probably unauthorized \u2014 scrutinize&#8221;<\/td><\/tr><tr><td>Hardfail<\/td><td>&#8211;<\/td><td>&#8220;Definitely unauthorized \u2014 reject&#8221;<\/td><\/tr><tr><td>Neutral<\/td><td>?<\/td><td>&#8220;No opinion \u2014 accept anyway&#8221;<\/td><\/tr><tr><td>Pass all<\/td><td>+<\/td><td>&#8220;Everyone authorized&#8221; (dangerous)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>Hardfail sounds more secure \u2014 and for parked domains, it is. But for domains that actually send email, it introduces serious deliverability risks that often outweigh the security benefits.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Why does email forwarding break hardfail?<\/h2>\n\n\n\n<p>SPF validates the <em>connecting<\/em> server&#8217;s IP address \u2014 not the original sender. When email gets forwarded, the math stops working.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">IP mismatch<\/h3>\n\n\n\n<p>Consider what happens when someone forwards your email:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Original sender \u2014 you@yourdomain.com (IP: 1.2.3.4)<\/li>\n\n\n\n<li>Forwarding server \u2014 university mail system (IP: 5.6.7.8)<\/li>\n\n\n\n<li>SPF check at destination \u2014 Is 5.6.7.8 in yourdomain.com&#8217;s SPF?<\/li>\n<\/ul>\n\n\n\n<p>The answer is <strong>no<\/strong>. The forwarding server&#8217;s IP isn&#8217;t in your SPF record. It can&#8217;t be \u2014 you don&#8217;t control it.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Softfail vs hardfail outcomes<\/h3>\n\n\n\n<p>Here is how SPF softfail vs hardfail differ in outcomes:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>Scenario<\/td><td>Softfail result<\/td><td>Hardfail result<\/td><\/tr><tr><td>Direct send<\/td><td>Delivered normally<\/td><td>Delivered normally<\/td><\/tr><tr><td>Email forwarded<\/td><td>Spam folder (recoverable)<\/td><td>Rejected\/lost<\/td><\/tr><tr><td>Mailing list<\/td><td>Spam folder<\/td><td>Bounced<\/td><\/tr><tr><td>Corporate relay<\/td><td>Spam folder<\/td><td>Rejected<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>With softfail, the forwarded email lands in spam (annoying but recoverable). With hardfail, it&#8217;s rejected \u2014 the recipient never sees it, and you might not know it bounced.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">SPF failures<\/h3>\n\n\n\n<p>Common forwarding scenarios that break SPF:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Mailing lists that redistribute messages<\/li>\n\n\n\n<li>Corporate mail routing through security gateways<\/li>\n\n\n\n<li>Backup MX servers are processing mail during outages<\/li>\n\n\n\n<li>Auto-forwarding rules in shared mailboxes<\/li>\n\n\n\n<li>University alumni forwarding to Gmail<\/li>\n<\/ul>\n\n\n\n<p>All of these cause SPF failures. Hardfail turns &#8220;temporarily suspicious&#8221; into &#8220;permanently lost.&#8221; The email disappears without a trace \u2014 no spam folder rescue, no &#8220;check your junk mail&#8221; workaround.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How does DMARC change the softfail decision?<\/h2>\n\n\n\n<p>DMARC has fundamentally altered how softfail vs hardfail matters (or doesn&#8217;t). Understanding the interaction prevents unnecessary deliverability damage.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Equal treatment<\/h3>\n\n\n\n<p>For DMARC alignment purposes, softfail and hardfail produce the same result \u2014 SPF fails. DMARC doesn&#8217;t care whether you used ~ or -. It only cares whether SPF passed or failed.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>SPF result<\/td><td>DKIM result<\/td><td>DMARC outcome<\/td><\/tr><tr><td>Softfail<\/td><td>Pass<\/td><td>DMARC pass (DKIM carries it)<\/td><\/tr><tr><td>Hardfail<\/td><td>Pass<\/td><td>May never reach DMARC evaluation<\/td><\/tr><tr><td>Softfail<\/td><td>Fail<\/td><td>DMARC fail (policy applied)<\/td><\/tr><tr><td>Hardfail<\/td><td>Fail<\/td><td>Rejected before DMARC checked<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>The critical difference is <em>when<\/em> rejection happens.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Early rejection<\/h3>\n\n\n\n<p>Some receiving servers check SPF before DMARC. With hardfail, they may reject the message at the SMTP level \u2014 before ever evaluating DKIM or DMARC.<\/p>\n\n\n\n<p>The sequence matters enormously:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Hardfail triggers \u2192 email rejected \u2192 DKIM never checked<\/li>\n\n\n\n<li>Softfail triggers \u2192 email accepted for scrutiny \u2192 DKIM checked \u2192 DMARC evaluated<\/li>\n<\/ul>\n\n\n\n<p>If your email has valid <a href=\"https:\/\/emailwarmup.com\/blog\/how-to-setup-dkim\/\">DKIM<\/a>, DMARC would pass. But hardfail can prevent that evaluation from ever happening. The &#8220;550 SPF Hard Fail&#8221; bounce arrives, and a perfectly legitimate email dies because of an authentication technicality.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">When should you use hardfail?<\/h2>\n\n\n\n<p>Hardfail has its place \u2014 just not where most people think.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Parked domains<\/h3>\n\n\n\n<p>Domains that never send email have nothing to protect.&nbsp;<\/p>\n\n\n\n<p>No legitimate email is likely to be accidentally rejected. Hardfail makes sense here because any email claiming to be from a parked domain is, by definition, fraudulent.<\/p>\n\n\n\n<p>The SPF record for a parked domain is simple:<\/p>\n\n\n\n<p>v=spf1 -all<\/p>\n\n\n\n<p>No authorized senders. Reject everything. Combined with a <a href=\"https:\/\/emailwarmup.com\/blog\/email-authentication\/dmarc\/\">DMARC<\/a> reject policy, parked domains become nearly impossible to spoof.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Non-sending domains<\/h3>\n\n\n\n<p>Similar logic applies to domains used only for websites, not email. If marketing-landing-page.com never sends mail, hardfail prevents spoofing attempts without deliverability risk.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">High-security exceptions<\/h3>\n\n\n\n<p>Banks, government agencies, and similar institutions sometimes use hardfail for tightly controlled infrastructure. The calculus only works when:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>DKIM coverage is complete<\/li>\n\n\n\n<li>No forwarding scenarios exist<\/li>\n\n\n\n<li>IT can monitor bounces in real-time<\/li>\n\n\n\n<li>Third-party senders are minimal or nonexistent<\/li>\n\n\n\n<li>Every legitimate sending source is documented<\/li>\n<\/ul>\n\n\n\n<p>Most organizations don&#8217;t meet these criteria. The ones that do usually have dedicated email security teams managing authentication full-time.&nbsp;<\/p>\n\n\n\n<p>For everyone else, softfail combined with DMARC enforcement achieves the same protection without the operational fragility.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What do security rating services say about softfail?<\/h2>\n\n\n\n<p>Some cybersecurity rating services (like SecurityScorecard) flag softfail as a finding. The logic is that softfail doesn&#8217;t command immediate rejection, so spoofed emails might reach users.<\/p>\n\n\n\n<p>Rating services recognize DMARC with p=reject or p=quarantine as a compensating control. If your DMARC policy enforces strict handling of authentication failures, softfail&#8217;s apparent &#8220;permissiveness&#8221; becomes irrelevant \u2014 DMARC makes the final call anyway.<\/p>\n\n\n\n<p>The combination of SPF softfail + DMARC reject provides equivalent security to hardfail without the forwarding problems. Your <a href=\"https:\/\/emailwarmup.com\/blog\/email-deliverability\/sender-reputation\/\">sender reputation<\/a> stays intact, legitimate forwarded emails survive, and spoofing attempts still get blocked.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How do you check your current SPF policy?<\/h2>\n\n\n\n<p>Use an <a href=\"https:\/\/emailwarmup.com\/spf-lookup\">SPF lookup tool<\/a> to see your current record. Look at the ending:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>Ending<\/td><td>Name<\/td><td>Recommendation<\/td><\/tr><tr><td>~all<\/td><td>Softfail<\/td><td>Recommended for active domains<\/td><\/tr><tr><td>-all<\/td><td>Hardfail<\/td><td>Recommended for parked domains<\/td><\/tr><tr><td>?all<\/td><td>Neutral<\/td><td>Not recommended<\/td><\/tr><tr><td>+all<\/td><td>Pass all<\/td><td>Never use (authorizes everyone)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Test the <em>changes<\/em> you make!<\/h2>\n\n\n\n<p>Softfail is the right choice for most active domains. Hardfail has legitimate uses \u2014 parked domains, non-sending domains, tightly controlled <a href=\"https:\/\/emailwarmup.com\/blog\/email-authentication\/email-infrastructure\/\">infrastructure<\/a> \u2014 but creates unnecessary risk for normal email operations.<\/p>\n\n\n\n<p>Before switching from hardfail to softfail (or vice versa):<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use a short TTL (300 seconds) for quick rollback<\/li>\n\n\n\n<li>Monitor <a href=\"https:\/\/emailwarmup.com\/blog\/email-authentication\/how-to-read-dmarc-reports\/\">DMARC reports<\/a> for authentication failures<\/li>\n\n\n\n<li>Run an <a href=\"https:\/\/emailwarmup.com\/email-deliverability-test\">email deliverability test<\/a> after changes<\/li>\n\n\n\n<li>Watch for <a href=\"https:\/\/emailwarmup.com\/blog\/email-deliverability\/email-bounce-rate\/\">bounce rate<\/a> changes over 48-72 hours<\/li>\n<\/ul>\n\n\n\n<p>If you&#8217;re currently on hardfail and seeing legitimate emails bounce, switching to softfail is usually the right move \u2014 especially once DMARC is properly configured via a <a href=\"https:\/\/emailwarmup.com\/dmarc-lookup\">DMARC checker<\/a>.<\/p>\n\n\n\n<p>Use the <a href=\"https:\/\/emailwarmup.com\/spf-generator\">SPF generator<\/a> to create properly formatted records, and contact an <a href=\"https:\/\/emailwarmup.com\/email-deliverability-consultant\">email deliverability consultant<\/a> if authentication decisions are causing persistent delivery problems.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Frequently asked questions<\/h2>\n\n\n\n<p>Here are some commonly asked questions about hardfail and softfail:&nbsp;<\/p>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1766923134975\"><strong class=\"schema-faq-question\">Does softfail mean my domain is less secure?<\/strong> <p class=\"schema-faq-answer\">Not when combined with DMARC. DMARC treats softfail and hardfail identically \u2014 both count as SPF failure. The difference is <em>when<\/em> rejection happens, not <em>whether<\/em> it happens. Softfail lets DMARC make the final decision; hardfail might preempt it.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1766923145088\"><strong class=\"schema-faq-question\">Will switching to softfail hurt my sender reputation?<\/strong> <p class=\"schema-faq-answer\">No. <a href=\"https:\/\/emailwarmup.com\/blog\/email-deliverability\/sender-reputation\/\">Email reputation<\/a> depends on engagement, complaints, and authentication pass rates \u2014 not which SPF mechanism you use. Softfail that leads to DMARC pass is identical to hardfail that leads to DMARC pass from a reputation perspective.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1766923145326\"><strong class=\"schema-faq-question\">Should I use softfail while deploying DMARC?<\/strong> <p class=\"schema-faq-answer\">Yes. Softfail during DMARC deployment is best practice. Monitor reports to identify legitimate senders you might have missed. Once you&#8217;re confident all sources are covered, you can decide whether hardfail adds value (for most active domains, it doesn&#8217;t).<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1766923157033\"><strong class=\"schema-faq-question\">What causes the &#8220;550 SPF Hard Fail&#8221; error?<\/strong> <p class=\"schema-faq-answer\">The 550 error occurs when a receiving server rejects mail based on your hardfail policy. If legitimate emails are bouncing with this error, switch to softfail and ensure <a href=\"https:\/\/emailwarmup.com\/blog\/how-to-setup-dkim\/\">DKIM<\/a> is properly configured. The combination protects against spoofing while allowing forwarded mail to survive.<\/p> <\/div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>Every SPF record ends with an &#8220;all&#8221; mechanism that tells receiving servers how to handle unauthorized senders. Softfail (~all) marks them suspicious. Hardfail (-all) rejects them outright. The choice seems obvious \u2014 reject unauthorized mail, right?&nbsp; But hardfail creates problems that softfail avoids, and DMARC has changed the security calculus entirely. This decision affects: For [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":4587,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","footnotes":""},"categories":[26],"tags":[],"class_list":["post-4585","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-email-authentication"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>SPF Softfail vs Hardfail \u2014 Which Policy Should You Use?<\/title>\n<meta name=\"description\" content=\"SPF softfail (~all) marks unauthorized emails as suspicious instead of rejecting them. Examine softfail vs hardfail and which one to use.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SPF Softfail vs Hardfail \u2014 Which Policy Should You Use?\" \/>\n<meta property=\"og:description\" content=\"SPF softfail (~all) marks unauthorized emails as suspicious instead of rejecting them. Examine softfail vs hardfail and which one to use.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/\" \/>\n<meta property=\"og:site_name\" content=\"Email Warmup\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-28T13:44:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-05T13:21:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"3533\" \/>\n\t<meta property=\"og:image:height\" content=\"2248\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Daniyal Dehleh\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Daniyal Dehleh\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/\"},\"author\":{\"name\":\"Daniyal Dehleh\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/#\/schema\/person\/fb2aa8d9a54b3d4d28e96de4d49361a5\"},\"headline\":\"SPF Softfail vs Hardfail [Which Should You Use?]\",\"datePublished\":\"2025-12-28T13:44:28+00:00\",\"dateModified\":\"2026-03-05T13:21:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/\"},\"wordCount\":1356,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/emailwarmup.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg\",\"articleSection\":[\"Email Authentication\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#respond\"]}]},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/\",\"url\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/\",\"name\":\"SPF Softfail vs Hardfail \u2014 Which Policy Should You Use?\",\"isPartOf\":{\"@id\":\"https:\/\/emailwarmup.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg\",\"datePublished\":\"2025-12-28T13:44:28+00:00\",\"dateModified\":\"2026-03-05T13:21:21+00:00\",\"description\":\"SPF softfail (~all) marks unauthorized emails as suspicious instead of rejecting them. Examine softfail vs hardfail and which one to use.\",\"breadcrumb\":{\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923134975\"},{\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145088\"},{\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145326\"},{\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923157033\"}],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#primaryimage\",\"url\":\"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg\",\"contentUrl\":\"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg\",\"width\":3533,\"height\":2248,\"caption\":\"Softfail vs Hardfail\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/emailwarmup.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SPF Softfail vs Hardfail [Which Should You Use?]\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/#website\",\"url\":\"https:\/\/emailwarmup.com\/blog\/\",\"name\":\"Email WarmUp\",\"description\":\"100% Inbox Guaranteed.\",\"publisher\":{\"@id\":\"https:\/\/emailwarmup.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/emailwarmup.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/#organization\",\"name\":\"Email WarmUp\",\"url\":\"https:\/\/emailwarmup.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/05\/Group-42350.png\",\"contentUrl\":\"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/05\/Group-42350.png\",\"width\":400,\"height\":271,\"caption\":\"Email WarmUp\"},\"image\":{\"@id\":\"https:\/\/emailwarmup.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/#\/schema\/person\/fb2aa8d9a54b3d4d28e96de4d49361a5\",\"name\":\"Daniyal Dehleh\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/05\/image-2.png\",\"contentUrl\":\"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/05\/image-2.png\",\"caption\":\"Daniyal Dehleh\"},\"description\":\"Daniyal is an award-winning email marketing and deliverability consultant trusted by global brands like LA Fitness, Remax, and Deel. With a proven record of boosting open rates, click-throughs, and ROI by 300% or more, he is recognized as a renowned email marketing expert. For over a decade, he has refined a top-down optimization strategy that aligns technical infrastructure, creative execution, and a tight feedback loop into a system that delivers consistent results for companies of all sizes. Now, Daniyal is pulling back the curtain to share the proven frameworks and insights he\u2019s gathered\u2014helping businesses worldwide achieve the highest possible ROI from their email programs.\",\"url\":\"https:\/\/emailwarmup.com\/blog\/author\/daniyaldehleh\/\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923134975\",\"position\":1,\"url\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923134975\",\"name\":\"Does softfail mean my domain is less secure?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Not when combined with DMARC. DMARC treats softfail and hardfail identically \u2014 both count as SPF failure. The difference is <em>when<\/em> rejection happens, not <em>whether<\/em> it happens. Softfail lets DMARC make the final decision; hardfail might preempt it.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145088\",\"position\":2,\"url\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145088\",\"name\":\"Will switching to softfail hurt my sender reputation?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"No. <a href=\\\"https:\/\/emailwarmup.com\/blog\/email-deliverability\/sender-reputation\/\\\">Email reputation<\/a> depends on engagement, complaints, and authentication pass rates \u2014 not which SPF mechanism you use. Softfail that leads to DMARC pass is identical to hardfail that leads to DMARC pass from a reputation perspective.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145326\",\"position\":3,\"url\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145326\",\"name\":\"Should I use softfail while deploying DMARC?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Yes. Softfail during DMARC deployment is best practice. Monitor reports to identify legitimate senders you might have missed. Once you're confident all sources are covered, you can decide whether hardfail adds value (for most active domains, it doesn't).\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923157033\",\"position\":4,\"url\":\"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923157033\",\"name\":\"What causes the \\\"550 SPF Hard Fail\\\" error?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"The 550 error occurs when a receiving server rejects mail based on your hardfail policy. If legitimate emails are bouncing with this error, switch to softfail and ensure <a href=\\\"https:\/\/emailwarmup.com\/blog\/how-to-setup-dkim\/\\\">DKIM<\/a> is properly configured. The combination protects against spoofing while allowing forwarded mail to survive.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SPF Softfail vs Hardfail \u2014 Which Policy Should You Use?","description":"SPF softfail (~all) marks unauthorized emails as suspicious instead of rejecting them. Examine softfail vs hardfail and which one to use.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/","og_locale":"en_US","og_type":"article","og_title":"SPF Softfail vs Hardfail \u2014 Which Policy Should You Use?","og_description":"SPF softfail (~all) marks unauthorized emails as suspicious instead of rejecting them. Examine softfail vs hardfail and which one to use.","og_url":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/","og_site_name":"Email Warmup","article_published_time":"2025-12-28T13:44:28+00:00","article_modified_time":"2026-03-05T13:21:21+00:00","og_image":[{"width":3533,"height":2248,"url":"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg","type":"image\/jpeg"}],"author":"Daniyal Dehleh","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Daniyal Dehleh","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#article","isPartOf":{"@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/"},"author":{"name":"Daniyal Dehleh","@id":"https:\/\/emailwarmup.com\/blog\/#\/schema\/person\/fb2aa8d9a54b3d4d28e96de4d49361a5"},"headline":"SPF Softfail vs Hardfail [Which Should You Use?]","datePublished":"2025-12-28T13:44:28+00:00","dateModified":"2026-03-05T13:21:21+00:00","mainEntityOfPage":{"@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/"},"wordCount":1356,"commentCount":0,"publisher":{"@id":"https:\/\/emailwarmup.com\/blog\/#organization"},"image":{"@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#primaryimage"},"thumbnailUrl":"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg","articleSection":["Email Authentication"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#respond"]}]},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/","url":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/","name":"SPF Softfail vs Hardfail \u2014 Which Policy Should You Use?","isPartOf":{"@id":"https:\/\/emailwarmup.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#primaryimage"},"image":{"@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#primaryimage"},"thumbnailUrl":"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg","datePublished":"2025-12-28T13:44:28+00:00","dateModified":"2026-03-05T13:21:21+00:00","description":"SPF softfail (~all) marks unauthorized emails as suspicious instead of rejecting them. Examine softfail vs hardfail and which one to use.","breadcrumb":{"@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923134975"},{"@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145088"},{"@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145326"},{"@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923157033"}],"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#primaryimage","url":"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg","contentUrl":"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg","width":3533,"height":2248,"caption":"Softfail vs Hardfail"},{"@type":"BreadcrumbList","@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/emailwarmup.com\/blog\/"},{"@type":"ListItem","position":2,"name":"SPF Softfail vs Hardfail [Which Should You Use?]"}]},{"@type":"WebSite","@id":"https:\/\/emailwarmup.com\/blog\/#website","url":"https:\/\/emailwarmup.com\/blog\/","name":"Email WarmUp","description":"100% Inbox Guaranteed.","publisher":{"@id":"https:\/\/emailwarmup.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/emailwarmup.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/emailwarmup.com\/blog\/#organization","name":"Email WarmUp","url":"https:\/\/emailwarmup.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/emailwarmup.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/05\/Group-42350.png","contentUrl":"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/05\/Group-42350.png","width":400,"height":271,"caption":"Email WarmUp"},"image":{"@id":"https:\/\/emailwarmup.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/emailwarmup.com\/blog\/#\/schema\/person\/fb2aa8d9a54b3d4d28e96de4d49361a5","name":"Daniyal Dehleh","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/emailwarmup.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/05\/image-2.png","contentUrl":"https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/05\/image-2.png","caption":"Daniyal Dehleh"},"description":"Daniyal is an award-winning email marketing and deliverability consultant trusted by global brands like LA Fitness, Remax, and Deel. With a proven record of boosting open rates, click-throughs, and ROI by 300% or more, he is recognized as a renowned email marketing expert. For over a decade, he has refined a top-down optimization strategy that aligns technical infrastructure, creative execution, and a tight feedback loop into a system that delivers consistent results for companies of all sizes. Now, Daniyal is pulling back the curtain to share the proven frameworks and insights he\u2019s gathered\u2014helping businesses worldwide achieve the highest possible ROI from their email programs.","url":"https:\/\/emailwarmup.com\/blog\/author\/daniyaldehleh\/"},{"@type":"Question","@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923134975","position":1,"url":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923134975","name":"Does softfail mean my domain is less secure?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Not when combined with DMARC. DMARC treats softfail and hardfail identically \u2014 both count as SPF failure. The difference is <em>when<\/em> rejection happens, not <em>whether<\/em> it happens. Softfail lets DMARC make the final decision; hardfail might preempt it.","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145088","position":2,"url":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145088","name":"Will switching to softfail hurt my sender reputation?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"No. <a href=\"https:\/\/emailwarmup.com\/blog\/email-deliverability\/sender-reputation\/\">Email reputation<\/a> depends on engagement, complaints, and authentication pass rates \u2014 not which SPF mechanism you use. Softfail that leads to DMARC pass is identical to hardfail that leads to DMARC pass from a reputation perspective.","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145326","position":3,"url":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923145326","name":"Should I use softfail while deploying DMARC?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Yes. Softfail during DMARC deployment is best practice. Monitor reports to identify legitimate senders you might have missed. Once you're confident all sources are covered, you can decide whether hardfail adds value (for most active domains, it doesn't).","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923157033","position":4,"url":"https:\/\/emailwarmup.com\/blog\/email-authentication\/spf-softfail-vs-hardfail\/#faq-question-1766923157033","name":"What causes the \"550 SPF Hard Fail\" error?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"The 550 error occurs when a receiving server rejects mail based on your hardfail policy. If legitimate emails are bouncing with this error, switch to softfail and ensure <a href=\"https:\/\/emailwarmup.com\/blog\/how-to-setup-dkim\/\">DKIM<\/a> is properly configured. The combination protects against spoofing while allowing forwarded mail to survive.","inLanguage":"en-US"},"inLanguage":"en-US"}]}},"uagb_featured_image_src":{"full":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",3533,2248,false],"thumbnail":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",150,95,false],"medium":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",300,191,false],"medium_large":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",768,489,false],"large":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",1024,652,false],"1536x1536":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",1536,977,false],"2048x2048":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",2048,1303,false],"profile_24":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",24,15,false],"profile_48":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",48,31,false],"profile_96":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",96,61,false],"profile_150":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",150,95,false],"profile_300":["https:\/\/emailwarmup.com\/blog\/wp-content\/uploads\/2025\/12\/Softfail-vs-Hardfail_11zon.jpg",300,191,false]},"uagb_author_info":{"display_name":"Daniyal Dehleh","author_link":"https:\/\/emailwarmup.com\/blog\/author\/daniyaldehleh\/"},"uagb_comment_info":0,"uagb_excerpt":"Every SPF record ends with an &#8220;all&#8221; mechanism that tells receiving servers how to handle unauthorized senders. Softfail (~all) marks them suspicious. Hardfail (-all) rejects them outright. The choice seems obvious \u2014 reject unauthorized mail, right?&nbsp; But hardfail creates problems that softfail avoids, and DMARC has changed the security calculus entirely. This decision affects: For&hellip;","_links":{"self":[{"href":"https:\/\/emailwarmup.com\/blog\/wp-json\/wp\/v2\/posts\/4585","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/emailwarmup.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/emailwarmup.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/emailwarmup.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/emailwarmup.com\/blog\/wp-json\/wp\/v2\/comments?post=4585"}],"version-history":[{"count":3,"href":"https:\/\/emailwarmup.com\/blog\/wp-json\/wp\/v2\/posts\/4585\/revisions"}],"predecessor-version":[{"id":5010,"href":"https:\/\/emailwarmup.com\/blog\/wp-json\/wp\/v2\/posts\/4585\/revisions\/5010"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/emailwarmup.com\/blog\/wp-json\/wp\/v2\/media\/4587"}],"wp:attachment":[{"href":"https:\/\/emailwarmup.com\/blog\/wp-json\/wp\/v2\/media?parent=4585"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/emailwarmup.com\/blog\/wp-json\/wp\/v2\/categories?post=4585"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/emailwarmup.com\/blog\/wp-json\/wp\/v2\/tags?post=4585"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}