Your SPF record required more than 10 DNS Lookups to be performed during the test. The number of "include" mechanisms and chained "redirect' modifiers should be kept to a minimum.
According to RFC 7208, 'SPF implementations MUST limit the number of mechanisms and modifiers that do DNS Lookups to at most 10 per SPF check, including any lookups caused by the use of the "include" mechanism or the "redirect" modifier"'. The mechanisms of: "include", "mx", "a", "ptr", and "exists" count against the limit of 10 lookups. The "all, "ip4", and "ip6" mechanisms do not count against the limit of 10 since they do not require a DNS Lookup.
SPF implementations should restrict the number of DNS Lookups to 10 per check in order to explicitly limit how much data will be accepted to:
-
Prevent excessive bandwidth usage or memory usage
-
Prevent DoS attacks
If you use the "include" in your SPF record, it will have referenced SPF records evaluated with your SPF record and as a direct result the DNS Lookup count is dependent upon third parties. If you are close to reaching your limit of 10 DNS Lookups and someone in your "include" adds additional DNS records to their own SPF record, you could easily go over your limit of 10.
SPF Flattening
MxToolbox offers an SPF Flattening tool as part of our Delivery Center Plus plan. It provides a simple, intuitive system to help manage your complex SPF configurations. The more 3rd-party email sources you add to your domain, such as Marketing Automation, CRMs, Customer Support, and Order Fulfillment, you quickly max out of SPF configuration options. MxToolbox SPF Flattening removes the SPF limitations by automatically reconstructing your SPF record.
For more information about our SPF Flattening tool, click here.
Your Email Deliverability is in Jeopardy!
Blacklisting is a sign that you are not actively managing your email deliverability. Other technologies - SPF, DKIM and DMARC are now just as important to get your email placed in the Inbox of your recipients. If you aren’t managing email deliverability, your message may never be heard.
MxToolbox Delivery Center Features:
- Insight into your SPF, DKIM and DMARC configuration to ensure your sending email properly
- DMARC Compliance checks for all of your reported email
- Adaptive Blacklist Monitoring of all your email senders
- Recommendations for improving DMARC compliance and DMARC policies
- Event-based reminders for emergent issues and on-going maintenance
DMARC is a necessity for your business!
Learn More about Email Delivery