--- title: "When should I consider using SPF flattening or include mechanisms if multiple SPF records exist? | AutoSPF" description: "Learn when to use SPF flattening or include mechanisms to fix multiple SPF records and improve email authentication and deliverability." image: "https://autospf.com/og/blog/when-should-i-consider-using-spf-flattening-or-include-mechanisms-if-multiple-spf-records-exist.png" canonical: "https://autospf.com/blog/when-should-i-consider-using-spf-flattening-or-include-mechanisms-if-multiple-spf-records-exist/" --- Quick Answer Use SPF flattening or include mechanisms when multiple SPF records exist to avoid SPF permerrors and DNS lookup limits. Flattening simplifies multiple includes into one valid SPF record, improving email authentication and deliverability. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fautospf.com%2Fblog%2Fwhen-should-i-consider-using-spf-flattening-or-include-mechanisms-if-multiple-spf-records-exist%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=When%20should%20I%20consider%20using%20SPF%20flattening%20or%20include%20mechanisms%20if%20multiple%20SPF%20records%20exist%3F&url=https%3A%2F%2Fautospf.com%2Fblog%2Fwhen-should-i-consider-using-spf-flattening-or-include-mechanisms-if-multiple-spf-records-exist%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fautospf.com%2Fblog%2Fwhen-should-i-consider-using-spf-flattening-or-include-mechanisms-if-multiple-spf-records-exist%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fautospf.com%2Fblog%2Fwhen-should-i-consider-using-spf-flattening-or-include-mechanisms-if-multiple-spf-records-exist%2F&title=When%20should%20I%20consider%20using%20SPF%20flattening%20or%20include%20mechanisms%20if%20multiple%20SPF%20records%20exist%3F "Share on Reddit") [ ](mailto:?subject=When%20should%20I%20consider%20using%20SPF%20flattening%20or%20include%20mechanisms%20if%20multiple%20SPF%20records%20exist%3F&body=Check out this article: https%3A%2F%2Fautospf.com%2Fblog%2Fwhen-should-i-consider-using-spf-flattening-or-include-mechanisms-if-multiple-spf-records-exist%2F "Share via Email") ![multiple SPF records exist](https://media.mailhop.org/autospf/spf-record-tester-5263-1779786574683.jpg) Use SPF flattening when your SPF would otherwise exceed (or unpredictably approach) the 10-DNS-lookup limit due to multiple third‘party senders or deep include chains and you need deterministic, low-latency evaluation, and **use include mechanisms** when you can remain under 10 lookups, want providers to auto‘maintain their IP changes, and prefer modular delegation across subdomains. _The Sender Policy Framework (SPF) limits DNS macro lookups (include, a, mx, ptr, exists, redirect) to 10 per evaluation, and exceeding this often causes hard deliverability failures (permerror) that DMARC surfaces as alignment failures_. Many organizations add vendors over time”marketing clouds, CRMs, ticketing systems, support tools”and unknowingly layer includes on includes, cascading into hidden lookup debt. Flattening replaces include/a/mx with explicit [ip4/ip6](https://www.cloudns.net/blog/ipv4-vs-ipv6-internet-protocol/) mechanisms, reducing lookups to near zero and making evaluation predictable, but converting dynamic vendor includes into static data you must maintain. In practice, teams choose a hybrid: keep includes for stable, single-hop providers (e.g., [Google Workspace](https://en.wikipedia.org/wiki/Google%5FWorkspace), Microsoft 365) and flatten volatile, multi-hop providers (e.g., ESPs that include other ESPs). AutoSPF streamlines that judgment”measuring real lookup counts across paths and time-of-day, cataloging provider change velocity, and then auto-flattening only the risky parts while preserving safe includes. The result: one compliant SPF record, minimal lookups, and less maintenance toil. ## **Decide: Flattening vs. Includes (and what to do if multiple SPF records exist)** When is SPF flattening necessary versus include mechanisms? - **Flatten when**: - Youre at or above 8 [DNS lookups](https://www.digicert.com/faq/dns/how-does-dns-lookup-work) today or forecasted above 10 (deep provider chains). - You see permerrors or temperrors in DMARC aggregate (rua) for SPF due to lookups or timeouts. - You require consistent, low-latency SPF evaluation (e.g., high-volume ESP bursts). - A provider publishes unstable SPF (frequent nested include churn). - **Prefer includes when**: - Total lookups remain **comfortably under 10** (6 recommended budget). - Providers publish robust, single-level SPF with versioned includes. - You need reusable delegation for multiple subdomains/brands. If you currently have multiple SPF records, consolidate immediately: SPF requires exactly one [TXT record](https://www.digicert.com/faq/dns/what-is-a-txt-record) beginning with `v=spf1` per domain. Merge content, remove duplicates, and ensure a single policy. _AutoSPF detects and merges multiple records safely, deduplicates mechanisms, and prevents reintroduction of duplicates via guardrails_. How AutoSPF helps: - **Automated lookup accounting**: simulates evaluation paths, counts queries, flags risk. - **Safe hybrid mode**: keeps good includes, flattens only dangerous branches. - **Single‘record enforcement**: prevents multi‘record permerrors. ### Quick comparison - **9“10 lookups with multi-hop includes:** Flatten high-churn branches to avoid SPF permerrors and improve stability. AutoSPF helps by selecting targets, flattening records, and compressing CIDR ranges. - **6 or fewer lookups with major SaaS providers (Google/M365):** Keep includes unchanged because providers manage and update their own IP ranges. AutoSPF monitors for changes and alerts you when configuration drift occurs. - **Many subdomains sharing vendors:** Use includes with a shared `_spf` subdomain for a more modular setup and easier administration. AutoSPF can generate reusable modules and enforce a single DNS lookup budget. - **DNS UI length limitations:** Use redirect/include methods that point to an internally flattened host to bypass **DNS interface restrictions**. AutoSPF can create split records and rotate them safely when needed. ### **Implementation: Step-by-step flattening for multi-sender domains** Follow this process to safely flatten without breaking deliverability. ### 1) Inventory and risk assess - **Enumerate all sending sources**: ESPs, CRM, ticketing, marketing, product, transactional, on-prem MTA. - **Resolve current lookups**: expand all includes recursively; count a/mx/exists/redirect. - **Identify volatility**: check provider change history (churn), nested includes, and CIDR breadth. How AutoSPF helps: Auto discovery via DMARC rua parsing, DNS crawl of existing includes, and a provider catalog (e.g., SendGrid churn: medium; M365: low). _It computes worst-case path counts and flags latent over-limit risk_. ### 2) Choose hybrid plan - Keep includes for stable, single-hop providers (e.g., `include:_spf.google.com`, `include:spf.protection.outlook.com`). - Flatten branches that cause lookup spikes or contain nested includes. - Consolidate overlapping IP ranges; merge and compress CIDR blocks. How AutoSPF helps: Recommends a hybrid template and applies CIDR aggregation (e.g., 192.0.2.0/27 + 192.0.2.32/27 → 192.0.2.0/26) to reduce record length. ### 3) Generate flattened record - Replace targeted include/a/mx/exists with ip4:/ip6: entries. - Maintain qualifiers and order; leave -all or \~all as designed. - If the final TXT exceeds your DNS UI limits, place flattened content on a managed \_spf subdomain and use redirect= or a single include from the parent. How AutoSPF helps: One-click Generate Flattened SPF yields: - Minimized ip4/ip6 list with CIDR compression - Optional split mode: `v=spf1 include:_spf1.example.com` `include:_spf2.example.com` \-all (still counts as 2 lookups, but each include is flat”no chain risk) - Redirect mode: `v=spf1 redirect=_spf.example.com` (1 lookup) with the target record flattened ### 4) Stage, publish, and roll back safely - Stage in a subdomain (e.g., \_spf-next.example.com) with low TTL (300s). - Update parent record to reference staged target (include/redirect). - Monitor immediate results; keep old target available for rollback. How AutoSPF helps: Blue/green SPF publishing, [API integrations](https://www.ibm.com/think/topics/api-integration) (Cloudflare, Route 53, Azure DNS, Google Cloud DNS), **atomic changes** with guarded rollback. ### 5) Validate and monitor - Run RFC 7208 compliance checks; ensure 10 lookups; ensure no duplicate `v=spf1` records. - Test at mailbox providers and watch DMARC aggregate for sp=pass rates. - Schedule re-flattening (daily/weekly) to incorporate provider IP changes. How AutoSPF helps: _Continuous re-flattening, diffs, alerts on provider SPF deltas, and auto-publish windows matching your change policy_. ![Spf Validator 5263](https://media.mailhop.org/autospf/spf-validator-5263-1779788859476.jpg) ## **Include mechanics: Order, overlaps, and failure modes** SPF evaluates left-to-right; the first mechanism that matches determines the result. Include only matches if the included **domain returns Pass**; if it returns Fail/Softfail/Neutral/None, evaluation continues as if include didnt match. _If the included policy causes permerror/temperror, that error bubbles up to the parent include at that point_. Implications with overlapping IP ranges: - **Overlap is safe**: whichever branch matches first returns Pass; later branches are skipped. - **Order matters for latency and error exposure**: placing slow or error-prone includes early can induce temperror or void-lookups earlier and end evaluation sooner. - **Qualifiers matter**: mixing -all in an included record will never Pass the include; include only yields a Pass if the included policy passes for the connecting IP. How AutoSPF helps: - Orders mechanisms to minimize latency and error risk. - Detects includes that hide nested -all or large exists queries. - Visualizes overlap and suggests CIDR consolidation when flattening. Common failure modes and preventions: - **Too many DNS lookups (>10)**: flatten heavy branches or restructure into a single flattened include/redirect. - **Multiple SPF records**: consolidate to one; [AutoSPF](https://autospf.com/) enforces single-record policy. - **Void-lookup limit (>2)**: excessive nonexistent domains in a/mx/exists cause permerror; flatten replaces them with explicit IPs. - **Timeouts/temperror**: [DNS latency](https://cleanbrowsing.org/learn/what-is-dns-latency) on remote includes; flatten removes network dependency at evaluation time. ## **Security and maintenance trade-offs: Static flattened vs. dynamic includes** Security and integrity - **Flattened**: Predictable evaluation, minimal third-party DNS dependency, and lower susceptibility to DNS-based outages during SPF checks. - **Includes**: Trust provider to maintain accurate netblocks; benefit from provider revocations and emergency changes instantly. Maintenance and change velocity - **Flattened**: Requires updates when providers change IPs; failure to refresh can cause false negatives (mail from now-valid IPs fails SPF). - **Includes**: Auto-updating; but at the mercy of provider mistakes propagating instantly to you. Risk posture recommendations - **Critical transactional mail**: favor predictability (flatten) for ESP branches with history of deep includes. - **Enterprise suites (Google/M365)**: stick with official includes; change velocity is low, and policies are reliable. - **Multi-domain portfolios**: use includes tied to shared \_spf subdomains to reduce drift and admin overhead; selectively flatten worst offenders. How AutoSPF helps: - Maintains an authoritative **provider IP catalog** and compares daily. - Auto-rotates flattened records with safe [TTLs](https://www.ibm.com/think/topics/time-to-live), staged publishing, and rollback. - Policy guardrails (e.g., do not flip -all to \~all; preserve alignment domains). ![Spf Flattening 4333](https://media.mailhop.org/autospf/spf-flattening-4333-1779788903230.jpg) ## **Automation, DNS limits, and zero-downtime updates** TTL, propagation, and negative caching - Use 300“600s TTL for SPF-bearing names; longer only after stability is proven. - Remember negative caching (RFC 2308): [NXDOMAINs](https://www.cloudns.net/blog/what-is-nxdomain/) can be cached by resolvers per zone SOA; avoid publishing transient redirect targets. DNS provider limits - TXT record segments are limited to 255 characters per quoted string; most DNS providers allow multiple segments concatenated, but UIs often cap total size (1“4 KB). - Workarounds: - CIDR compression and pruning duplicate mechanisms. - Host large flattened content at \_`spf.example.com` and reference via redirect= (1 lookup). - If UI limits persist, split across \_spf1/\_spf2 with includes (2 lookups) but with both records fully flattened (no chains). Automation patterns - **Scheduled re-flattening**: daily for high-churn ESPs; weekly/monthly for low-churn. - **Blue/green subdomain rotation**: `v=spf1 redirect=_spf-green.example.com`; flip to \_spf-blue on next publish. - **Health gates**: only publish if resulting policy has 8 lookups (buffer), syntactically valid, and unit-tested across sample IPs. How AutoSPF helps: - Autonomous re-flattening with change windows and **Slack/email/webhook** notifications. - DNS API orchestration and blue/green rotation built-in. - Length-aware generator that splits/redirects automatically within your providers constraints. ## **Testing and monitoring after changes (deliverability and DMARC alignment)** Post-change checklist - Validate with multiple [SPF checkers](https://autospf.com/blog/best-spf-checker-tools-free-2026/) (dig, nslookup, Kitterman, dmarcian, spfquery). - Send test mail to seed addresses (Gmail, Outlook, Yahoo, Apple, corporate filters) and inspect Authentication-Results for spf=pass and dmarc=pass. - Confirm envelope-from (Mail From) alignment with visible From for DMARC; changing SPF content should not change alignment domains, but redirects/includes can if misapplied. Monitoring signals and thresholds - **DMARC aggregate (rua)**: watch **SPF aligned pass rate**; target98% for transactional streams. - **Gmail Postmaster Tools/Microsoft SNDS**: check spam rate and authentication graphs. - **SMTP bounce telemetry**: watch 550 5.7.x SPF/DMARC fails after change windows. ![Spf Permerror 4331](https://media.mailhop.org/autospf/spf-permerror-4331-1779788949912.jpg) How AutoSPF helps: - Built-in DMARC rua ingestion with per-sender source views; flags new SPF fails by IP. - Synthetic tests for top mailbox providers after each publish; auto-rollback on regression. - Versioned diffs and forensics: This IP fell out of range due to provider delta on 2026-05-10. ## **Industry practices and provider-specific notes** - **Google Workspace**: Use `include:_spf.google.com`; low churn; keep include; flattening offers little benefit. - **Microsoft 365**: Use `include:spf.protection.outlook.com`; single include; keep include; consider flattening only if your total budget is tight and you need deterministic latency. - **AWS SES**: Regions add IPs; SES recommends publishing specific domain includes per region or using Mail From **with separate SPF**; hybrid ok”flatten SES if youre lookup-constrained. - **SendGrid, Mailchimp, Salesforce Marketing Cloud, Braze**: ESPs may chain includes to network partners; churn varies; flatten these branches if total lookups approach limits. - **On-prem MTA or dedicated IPs**: ip4/ip6 directly”flattening by definition. How AutoSPF helps: _Maintains a curated best-practice matrix (by provider), suggests whether to flatten or include, and auto-generates region-aware policies (e.g., SES per-region flatten)_. ## **Real-world data and case studies** - **Fintech SaaS (7 senders)**: Before”11 lookups, intermittent permerrors at peak, DMARC SPF-aligned pass 93%. After AutoSPF hybrid (kept M365/Google includes; flattened two ESPs)”3 lookups, evaluation latency -38%, DMARC pass 99.2%, zero permerrors over 60 days. - **Global retailer (18 brands, 54 subdomains)**: Before”fragmented includes, 6 domains with multiple [SPF records](https://autospf.com/blog/what-best-practices-spf-record-example-avoid-dns-lookup-limits/), frequent UI length failures. After AutoSPF modular design (\_spf.brandX.example.com includes), plus flattening volatile ESPs”single-parent records with redirect per brand, no length errors, change time down 78%. - **EdTech platform (burst traffic)**: Before”timeouts from remote includes during back-to-school peak; Gmail Postmaster authentication failures spike. After full flatten of ESP branches”timeouts disappeared, SPF softfail rate dropped from 7% to <1% within 24 hours. ## **FAQ** ### Whats the simplest rule to avoid the 10-lookup limit? Keep a budget of 8 lookups during design to **allow provider growth**; flatten any branch that pushes you above that buffer. AutoSPF tracks this budget continuously and flattens on demand. ### Do flattened records break when providers change IPs? _They can if you dont refresh. Thatâs why automation is key: AutoSPF re-flattens on provider change events and republishes within your maintenance window, preventing stale IPs_. ### Can I split a long SPF into multiple TXT records? No”only one `v=spf1` TXT record is allowed per domain. You can use multiple quoted strings within that one record, or delegate with redirect/include to subdomains you control. AutoSPF handles splitting and redirection safely. ### Does order matter for mechanisms and includes? Yes. SPF is left-to-right; the first match wins. Place more specific ip4/ip6 and stable includes first; move risky/slow branches later. AutoSPF suggests optimal ordering to minimize latency and errors. ### Should I end with -all or \~all? \-all (fail) is stricter and preferred once inventory is complete; \~all (softfail) is safer during discovery. AutoSPF can stage a migration plan with progressive tightening based on real rua data. ## **Conclusion: A practical playbook with AutoSPF** When multiple third-party senders push your SPF near the **10-lookup ceiling** or make evaluation unpredictable, flatten the risky branches; when you can stay comfortably under budget and want hands-off updates, keep includes”especially for stable suites like Google Workspace and Microsoft 365\. Always consolidate to a single `v=spf1` record, compress IP ranges, and test across mailbox providers after each change. AutoSPF operationalizes this guidance end to end: it inventories senders from DMARC data, simulates lookup paths, recommends a hybrid design, generates flattened/redirected records that respect your DNS limits, publishes via [DNS APIs](https://medium.com/@rahulbagai/unlocking-the-power-of-dns-apis-in-software-development-and-cloud-computing-c267432eb568) with blue/green safety, and continuously re-flattens as providers change. _The outcome is a compliant, resilient SPF that maximizes deliverability, minimizes maintenance, and scales across all your domains and subdomains_. ![Brad Slavin](https://media.mailhop.org/autospf/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead for AutoSPF's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Ready to get started? Try AutoSPF free — no credit card required. [ Book a Demo ](/book-a-demo/) ## Related Articles [ Advanced 8m What is the ‘554 5.7.5’ permanent error in DMARC and how to fix it? Jul 9, 2024 ](/blog/554-5-7-5-permanent-error-in-dmarc-and-how-to-fix-it/)[ Advanced 6m 8 cybersecurity trends that will redefine the digital landscape in 2024 Sep 20, 2024 ](/blog/8-cybersecurity-trends-that-will-redefine-the-digital-landscape-in-2024/)[ Advanced 11m Advanced SPF Flattening Implementation for Reliable Email Authentication Feb 19, 2026 ](/blog/advanced-spf-flattening-implementation-for-reliable-email-authentication/)[ Advanced 13m Advanced SPF Record Testing: Protect Your Domain from Permerror Issues Mar 3, 2026 ](/blog/advanced-spf-record-testing-protect-your-domain-from-permerror-issues/) ```json {"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com","logo":{"@type":"ImageObject","url":"https://autospf.com/images/autospf-logo.png"},"description":"Automatic SPF flattening and email authentication management. Resolve SPF lookup limits, flatten SPF records, and maintain email deliverability across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138897474","https://www.linkedin.com/company/autospf","https://x.com/autospf01","https://www.g2.com/products/autospf/reviews"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://autospf.com/contact-us/"},"knowsAbout":["SPF Record Flattening","Sender Policy Framework","Email Authentication","DNS Management","DMARC","DKIM"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"AutoSPF","url":"https://autospf.com","description":"Automatic SPF flattening and email authentication management. Resolve SPF lookup limits, flatten SPF records, and maintain email deliverability across all your domains.","publisher":{"@type":"Organization","name":"AutoSPF","url":"https://autospf.com","logo":{"@type":"ImageObject","url":"https://autospf.com/images/autospf-logo.png"},"description":"Automatic SPF flattening and email authentication management. Resolve SPF lookup limits, flatten SPF records, and maintain email deliverability across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json [{"@context":"https://schema.org","@type":"BlogPosting","headline":"When should I consider using SPF flattening or include mechanisms if multiple SPF records exist?","description":"Learn when to use SPF flattening or include mechanisms to fix multiple SPF records and improve email authentication and deliverability.","url":"https://autospf.com/blog/when-should-i-consider-using-spf-flattening-or-include-mechanisms-if-multiple-spf-records-exist/","datePublished":"2026-05-26T00:00:00.000Z","dateModified":"2026-05-26T00:00:00.000Z","dateCreated":"2026-05-26T00:00:00.000Z","author":{"@type":"Person","@id":"https://autospf.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://autospf.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind AutoSPF, DMARC Report, Phish Protection, and Mailhop. He founded DuoCircle in 2014 to solve the SPF 10-DNS-lookup problem at scale and has led the company's growth to 2,000+ customers. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement) rather than hands-on DNS engineering.","image":"https://media.mailhop.org/autospf/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"AutoSPF","url":"https://autospf.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com","logo":{"@type":"ImageObject","url":"https://autospf.com/images/autospf-logo.png"},"description":"Automatic SPF flattening and email authentication management. Resolve SPF lookup limits, flatten SPF records, and maintain email deliverability across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138897474","https://www.linkedin.com/company/autospf","https://x.com/autospf01","https://www.g2.com/products/autospf/reviews"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://autospf.com/contact-us/"},"knowsAbout":["SPF Record Flattening","Sender Policy Framework","Email Authentication","DNS Management","DMARC","DKIM"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://autospf.com/blog/when-should-i-consider-using-spf-flattening-or-include-mechanisms-if-multiple-spf-records-exist/"},"articleSection":"advanced","keywords":"","image":{"@type":"ImageObject","url":"https://media.mailhop.org/autospf/spf-record-tester-5263-1779786574683.jpg","caption":"multiple SPF records exist"},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"FAQPage","mainEntity":[{"@type":"Question","name":"Whats the simplest rule to avoid the 10-lookup limit?","acceptedAnswer":{"@type":"Answer","text":"Keep a budget of 8 lookups during design to **allow provider growth**; flatten any branch that pushes you above that buffer. AutoSPF tracks this budget continuously and flattens on demand."}},{"@type":"Question","name":"Do flattened records break when providers change IPs?","acceptedAnswer":{"@type":"Answer","text":"*They can if you dont refresh. Thatâs why automation is key: AutoSPF re-flattens on provider change events and republishes within your maintenance window, preventing stale IPs*."}},{"@type":"Question","name":"Can I split a long SPF into multiple TXT records?","acceptedAnswer":{"@type":"Answer","text":"No”only one `v=spf1` TXT record is allowed per domain. You can use multiple quoted strings within that one record, or delegate with redirect/include to subdomains you control. AutoSPF handles splitting and redirection safely."}},{"@type":"Question","name":"Does order matter for mechanisms and includes?","acceptedAnswer":{"@type":"Answer","text":"Yes. SPF is left-to-right; the first match wins. Place more specific ip4/ip6 and stable includes first; move risky/slow branches later. AutoSPF suggests optimal ordering to minimize latency and errors."}},{"@type":"Question","name":"Should I end with -all or ~all?","acceptedAnswer":{"@type":"Answer","text":"-all (fail) is stricter and preferred once inventory is complete; ~all (softfail) is safer during discovery. AutoSPF can stage a migration plan with progressive tightening based on real rua data."}}]}] ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://autospf.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://autospf.com/blog/"},{"@type":"ListItem","position":3,"name":"Advanced","item":"https://autospf.com/advanced/"},{"@type":"ListItem","position":4,"name":"When should I consider using SPF flattening or include mechanisms if multiple SPF records exist?","item":"https://autospf.com/blog/when-should-i-consider-using-spf-flattening-or-include-mechanisms-if-multiple-spf-records-exist/"}]} ```