Sendmarc's SPF Optimization feature helps reduce DNS lookups within your SPF record, ensuring compliance and maintaining email deliverability and security.
Before enabling SPF Optimization, it's important to understand the problem it addresses and how it functions.
SPF and DNS Lookup Limits
The SPF (Sender Policy Framework) RFC specification imposes a DNS lookup limit, restricting domain owners to a maximum of 10 DNS lookups in their SPF record. Although this might seem sufficient, domain owners often reach this limit due to nested lookups used by their service provider. Nested lookups count toward the total number of lookups in the SPF record.
It is common practice for service providers to supply a single address that hosts their IPs and IP ranges that are used to send email. This allows them to easily manage and change their sending IPs without requiring changes to the customer's DNS setup.
For example, including Google's SPF record alone will result in four extra lookups. Consider adding this record:
v=spf1 include:spf.google.com ~all
It will have the following result:
v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all
To conclude, four lookups were queried:
- include:spf.protection.outlook.com (Original Lookup)
- include:_netblocks.google.com (Nested Lookup)
- include:_netblocks2.google.com (Nested Lookup)
- include:_netblocks3.google.com (Nested Lookup)
The problem quickly escalates when you add more service providers, such as your email marketing system or CRM. Exceeding this limit can lead to email filters ignoring the entire SPF record, which may result in delivery and security issues.
SPF Optimization
Sendmarc provides an SPF Management feature known as SPF Optimization. When activated, this feature continuously monitors your SPF record to ensure the number of DNS lookups remains within the permissible limit.
SPF Optimization automatically changes your SPF record, resolving all lookups (including nested lookups) down to the IP address level when the lookup limit is reached. We do this because IP addresses and ranges are not directly counted against the DNS lookup limit. We will only publish the IP addresses and ranges: while you may see spf.google.com in the Sendmarc interface, the internet will see all the Microsoft IPs.
Resolution happens on a continuous basis, so no changes made by a provider are missed.
This feature is only available to customers making use of the Sendmarc SPF Management feature.
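The lookup counting and IP-level resolution described in the two sections above, shown as an added example (this is not Sendmarc's code or its implementation). ZONE is a constructed stand-in for DNS that uses documentation IP ranges, and the function names are hypothetical.

```python
import re

LIMIT = 10  # maximum DNS-querying terms per SPF evaluation (RFC 7208, section 4.6.4)

# Constructed sample data: record names follow the article, IP ranges are
# documentation placeholders, not any provider's real addresses.
ZONE = {
    "example.com": "v=spf1 include:spf.google.com ~all",
    "spf.google.com": "v=spf1 include:_netblocks.google.com "
                      "include:_netblocks2.google.com include:_netblocks3.google.com ~all",
    "_netblocks.google.com": "v=spf1 ip4:192.0.2.0/24 ~all",
    "_netblocks2.google.com": "v=spf1 ip6:2001:db8::/32 ~all",
    "_netblocks3.google.com": "v=spf1 ip4:198.51.100.0/24 ip4:203.0.113.0/24 ~all",
}

def split(term):
    """Return (mechanism name, argument) with any qualifier (+ - ~ ?) removed."""
    bare = term.lstrip("+-~?")
    name = re.split(r"[:=/]", bare, maxsplit=1)[0].lower()
    return name, bare[len(name) + 1:]

def count_lookups(record):
    """Count DNS-querying terms, following include/redirect into nested records."""
    total = 0
    for term in record.split()[1:]:
        name, arg = split(term)
        if name in ("include", "redirect"):
            total += 1 + count_lookups(ZONE[arg])   # the lookup itself plus nested ones
        elif name in ("a", "mx", "ptr", "exists"):
            total += 1
    return total

def resolved_terms(domain, top=True):
    """Expand includes into the ip4/ip6 terms they lead to."""
    terms = []
    for term in ZONE[domain].split()[1:]:
        name, arg = split(term)
        if name == "include":
            terms += resolved_terms(arg, top=False)
        elif top or name != "all":   # a nested "all" does not apply to the includer
            terms.append(term)
    return terms

def flatten(domain):
    """Build the IP-level record that would be published for the domain."""
    return "v=spf1 " + " ".join(resolved_terms(domain))

if __name__ == "__main__":
    before = count_lookups(ZONE["example.com"])
    flat = flatten("example.com")
    print(f"lookups before: {before} (limit {LIMIT})")
    print(f"flattened: {flat}")
    print(f"lookups after: {count_lookups(flat)}")
```

Mechanisms such as a, mx, ptr and exists are left in place by this sketch, so each one still costs a lookup after flattening.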
Enabling SPF Optimization
Steps to follow:
- Navigate to Domains in the left navigation bar.
- Click on the domain you wish to configure and then click Edit, or click the Pencil Icon of the domain you wish to edit.
- Click on SPF Settings, then navigate to Advanced Settings.
- SPF Optimization will be disabled by default. Click ENABLED.
- Click SAVE to save your changes.