GuidesAPI DocsLatest NewsStatusCreate Support RequestReturn to zoey.com
Guides
Start typing to search…

SPF Flattening

What is SPF Flattening?

SPF flattening is the process of replacing include: mechanisms in an SPF record with the actual IP addresses of your email services. This reduces DNS lookups and helps avoid the SPF 10-lookup limit that can cause authentication failures.

How It Works

Normally, each include: in an SPF record forces a DNS lookup to find authorized IPs. With flattening, those IPs are written directly into the record, eliminating extra lookups.
Example:

Unflattened:

v=spf1 include:_spf.salesforce.com include:spf.protection.outlook.com include:_spf.google.com ~all

Flattened:

v=spf1 ip4:136.147.0.0/16 ip4:166.78.0.0/16 ip4:40.92.0.0/15 ~all

Manual SPF Flattening Steps

Identify all include: statements in your SPF record.

Query each included domain (e.g., dig txt spf.protection.outlook.com) to find its IPs.

Replace include: entries with those IP ranges.

Test the new record to ensure it meets SPF rules (character limit, <10 mechanisms).

Monitor monthly—service providers often change IP ranges.

Problems with Manual Flattening

IP changes frequently – Providers update ranges without notice.

Length issues – Records may exceed DNS limits.

Deliverability risk – Outdated IPs cause email failures.

Maintenance burden – Requires ongoing monitoring and updates.

Reduced visibility – Harder to see which services are authorized.

Best Practices

Document which IPs belong to which provider.

Use SPF monitoring tools for alerts.

Split records if they exceed size limits.

Always test before publishing changes.

Review provider IPs monthly.

📘

In short: SPF flattening can help avoid lookup limits, but it creates a high-maintenance, error-prone setup. Use with caution.

Updated about 17 hours ago