Skip to main content

New

Test your email deliverability

Send a test email and get a complete diagnosis of your SPF, DKIM and DMARC authentication in seconds.

  • Real send test
  • Instant diagnosis
  • No signup required
Run the test

Free SPF Flattener

Eliminate nested includes and stay under the 10 DNS lookup limit

Every DNS lookup over the RFC 7208 limit causes a permerror — and your emails stop reaching the inbox. Our SPF Flattener resolves all include, a, mx and redirect mechanisms into direct IP addresses. Enter your domain and get an optimized, flattened SPF record in seconds.

The domain whose SPF record you want to flatten.

Full recursive resolution

All include, a, mx and redirect mechanisms resolved into direct ip4/ip6 addresses.

Automatic record splitting

Automatic splitting into subdomains if the flattened SPF exceeds 450 characters.

Lookup savings breakdown

Compare the original and flattened result side by side with the exact lookup count.

Copy-ready DNS output

TXT records in standard DNS format. Chunked mode (255 characters) available.

Diagnostics and alerts

Automatic warnings for syntax errors and clear recommendations.

Why flatten your SPF records?

RFC 7208 imposes a strict maximum of 10 DNS lookups during SPF evaluation. Each include:, a, mx, redirect and exists mechanism consumes one lookup. Modern organizations using Google Workspace (4 lookups), Microsoft 365 (2), SendGrid (1) and a marketing tool easily exceed this limit. The consequence is immediate: a permerror that causes receiving servers to reject or quarantine your email.

Three situations where SPF flattening is essential:

  • Overly complex SPF — You use 4+ email providers and exceed the 10 allowed lookups. Every additional provider risks breaking deliverability.
  • Permerror failures — Your emails are rejected because the SPF exceeds the RFC limit. This directly impacts revenue and sender reputation.
  • Multi-provider consolidation — You manage domains with many nested includes that must be simplified for reliable delivery.

How to use the SPF Flattener in 3 steps

Step 1: Enter your domain

Enter your domain name (e.g. captaindns.com). The tool automatically retrieves the SPF record published in DNS. You can also paste a custom SPF record if you want to test a configuration before publishing.

Step 2: Run the flattening

The tool recursively resolves all mechanisms:

  • include: → resolved to the target domain's IP addresses
  • a / mx → resolved to IPv4/IPv6 addresses
  • redirect= → followed and fully resolved

Each terminal IP is extracted and grouped into a new SPF record.

Step 3: Copy and publish the result

Copy the generated TXT record(s). If the result exceeds 450 characters, the tool automatically creates subdomains with the correct includes. Then verify with the SPF Checker.

What is SPF flattening?

SPF flattening transforms an SPF record containing include:, a, mx and redirect mechanisms into an equivalent record composed solely of direct IP addresses (ip4: / ip6:).

Example — before flattening:

v=spf1 include:_spf.google.com include:sendgrid.net include:servers.mcsv.net mx ~all

This record consumes 7 DNS lookups (Google alone uses ~4).

Example — after flattening:

v=spf1 ip4:209.85.128.0/17 ip4:74.125.0.0/16 ip4:167.89.0.0/17 ip4:198.2.128.0/18 ip4:205.201.128.0/20 ~all

Result: 0 DNS lookups — all addresses are explicit.

What exactly does the tool check?

ElementProcessingResult
include:Recursive resolution of the full SPF treeTerminal IPs extracted
a / mxDNS resolution of A/AAAA and MX recordsIPv4/IPv6 addresses added
redirect=Followed and resolved to target SPFIncluded in the result
ip4: / ip6:Kept as-isNo additional lookup
Record size450-character limit checkAutomatic split if needed
TXT chunks255-character per-segment splittingChunked version available

Real-world use cases

Case 1: Too many email providers

Symptom: Your domain uses Google Workspace (4 lookups), SendGrid (1), Mailchimp (1), HubSpot (1) and a dedicated MX server (2). Total: 9 lookups. Adding one more provider triggers a permerror — and all SPF-checked emails fail.

Diagnosis: The SPF Flattener shows 9/10 lookups before flattening and 0 after.

Action: Publish the flattened SPF to free up all 10 lookups. You can now add providers without risking deliverability.

Case 2: Permerror in production

Symptom: Emails from captaindns.com are rejected by Gmail and Outlook. Bounce messages reference permerror. Deliverability drops overnight.

Diagnosis: The SPF Flattener detects 14 DNS lookups — 4 over the RFC 7208 limit.

Action: Flatten the SPF to reduce lookups to 0. Verify the result with the SPF Record Check before publishing. Deliverability recovers within hours once the DNS propagates.

Case 3: SPF record too long

Symptom: Your flattened SPF exceeds 450 characters because it contains dozens of IP ranges from multiple providers.

Diagnosis: The tool detects the overflow and automatically generates 2-3 subdomains with correctly chained include: references.

Action: Publish the TXT records for the main domain and each generated subdomain. The tool provides all records in copy-ready format.

❓ FAQ - Frequently asked questions

Q: What is SPF flattening and why do I need it?

A: SPF flattening replaces all include:, a, mx and redirect mechanisms with the IP addresses they resolve to. This eliminates intermediate DNS lookups and helps you stay within the 10 lookup limit imposed by RFC 7208.

Q: How does the 10 DNS lookup limit work in SPF?

A: RFC 7208 imposes a maximum of 10 lookups during SPF evaluation. Each include:, a, mx, redirect and exists counts. ip4: and ip6: don't count. Exceeding 10 results in a permerror and validation failure.

Q: Is SPF flattening safe?

A: Flattening is safe and immediately effective. The tradeoff: provider IP addresses change over time. Google and Microsoft update their IP ranges without notice. If your flattened SPF becomes stale, legitimate emails fail SPF checks. Re-flatten monthly and verify with our SPF Checker.

Q: What happens if my flattened SPF exceeds 450 characters?

A: The tool automatically splits the result into subdomains. The main SPF includes include: references to these subdomains, each containing a portion of the IPs. The total number of lookups remains minimal.

Q: What's the difference between SPF Flattener and SPF Generator?

A: The SPF Generator creates a new SPF record by selecting your providers. The SPF Flattener takes an existing SPF and transforms it by replacing includes with direct IPs to reduce lookups.

Q: How do I fix the "too many DNS lookups" error?

A: Use our SPF Flattener: the tool resolves all includes into direct IP addresses (ip4:/ip6:) that don't count as lookups. An SPF with 15 lookups drops to 0 after flattening.

Q: Are flattened SPF records compatible with all DNS providers?

A: Yes. The result is a TXT record compliant with RFC 7208. The chunked option (splitting at 255 characters per segment) is available for providers that impose this limit.

Complementary tools

ToolPurpose
SPF Record CheckVerify your published SPF after flattening
SPF Syntax CheckValidate SPF syntax before publishing
SPF GeneratorCreate a new SPF with preconfigured providers
Mail Domain CheckFull email authentication audit for your domain
DMARC GeneratorConfigure DMARC to complete your authentication

Useful resources