What Is the SPF Lookup Limit?

 

The SPF (Sender Policy Framework) lookup limit is restricted to 10 DNS-based lookups per SPF evaluation, as defined in RFC 7208. If this limit is exceeded, the result is a permerror (permanent error), which can cause emails to fail SPF authentication and be rejected or filtered as spam.

What Counts Toward the SPF Lookup Limit?

The following mechanisms and modifiers trigger DNS lookups and count toward the 10-lookup limit:

  • include
  • a
  • mx
  • ptr (not recommended)
  • exists
  • redirect

Nested Includes
An include counts as one (1) lookup, plus any additional lookups required by the included record.

What Does Not Count?

The following mechanisms do not trigger DNS lookups:

  • ip4
  • ip6

Void Lookup Limit

In addition to the 10-lookup limit, SPF enforces a maximum of two (2) "void lookups" (DNS queries that return no results). Exceeding this limit can also result in a permerror.

How to Reduce SPF Lookups

Use SPF Flattening
Replace include or mx mechanisms with resolved ip4/ip6 addresses where possible. Click here to learn about MxToolbox's SPF Flattening Tool.

Avoid ptr Mechanism
The ptr mechanism is inefficient and strongly discouraged.

Minimize mx Usage
Limit reliance on mx, especially if your domain has multiple MX records.

Remove Unused Includes
Audit and remove outdated or unnecessary third-party services.

Use Subdomains
Delegate different sending services to separate subdomains to keep individual SPF records simpler.

If your SPF record exceeds the 10-lookup limit, consider using automated SPF optimization or flattening tools to consolidate and maintain a compliant record.

burritos@banana-pancakes.com braunstrowman@banana-pancakes.com finnbalor@banana-pancakes.com ricflair@banana-pancakes.com randysavage@banana-pancakes.com