A list of all the IP addresses and mail servers that are authorized to send emails on behalf of a specific domain is what is known as an SPF record. The format and content of the record specify how the recipient's email server should handle message routing when an IP is not listed in your SPF record.


SPF records are published in DNS, and these are the mechanism that incur a DNS  query that counts against your SPF limits. 


a

a:

mx

mx:

include:

ptr (not advised) 

exists:

redirect:


A DNS Lookup happens each time your SPF record implements one of the mechanisms. The maximum number of DNS lookups per SPF record is 10, which helps to prevent Denial of Service (DoS) attacks against DNS servers. The IPv4 and IPv6 techniques are not included in the 10 DNS lookup restriction and this is how flattening is performed, the service expands out the DNS queries and converts them to IP addresses which cuts down the number of DNS queries substantially. 


The number of mechanisms utilized will expand with the DNS lookup and may possibly exceed the limit if your company needs several third-party providers to send emails from their different IP addresses using your domain. The email you sent may then fail the SPF check because the recipient mail server was unable to verify the sending sources you permitted in your SPF record. 



Regardless of how many sending sources you want to approve, AutoSPFs single-click interface optimizes your current SPF record to have less than 10 DNS lookups.