Troubleshooting2026-04-038 min read

When to use SPF flattening

Learn when SPF flattening may help, when it creates more risk than value, and what to review before using it.

When flattening may make sense

SPF flattening can be useful when an SPF record becomes too complex, difficult to reason about, or close to the 10 DNS lookup limit.

It can also help provide a clear, explicit view of all authorised sending IPs without needing to recursively resolve include mechanisms.

You can assess your current SPF complexity using DNS Pro: https://app.dnspro.co.uk/spf-lookup

For comparison, you can also check via MXToolbox: https://mxtoolbox.com/spf.aspx

When flattening may not be worth it

Flattening is often a poor fit in environments where third-party providers frequently change their sending IP ranges.

In these cases, a flattened record can quickly become outdated, leading to legitimate email failing SPF checks.

Without automation to continuously rebuild the record, flattening introduces operational risk.

Flattening vs optimisation

Flattening is not always the first or best solution. In many cases, simply optimising the SPF record is sufficient.

  • Remove unused include statements
  • Consolidate duplicate mechanisms
  • Replace unnecessary mx or a mechanisms with explicit IPs
  • Review whether all third-party senders are still required

Learn the fundamentals first: /articles/what-is-spf

Practical review checklist

  • Is the SPF record approaching or exceeding the 10 lookup limit?
  • Are there legacy includes that can be removed?
  • Do you fully understand the effective SPF policy today?
  • Will flattening require automation to remain accurate?
  • Are provider IP ranges stable enough to justify flattening?
# Check SPF record
dig TXT example.com

# Review includes
nslookup -type=txt example.com

When flattening is a strong fit

  • You are consistently hitting SPF lookup limits
  • Your sending infrastructure is stable and well-defined
  • You have automation to regenerate flattened records
  • You need deterministic SPF evaluation with no recursion

When flattening is high risk

  • You rely heavily on third-party SaaS email providers
  • Provider IP ranges change frequently
  • There is no automation to maintain the record
  • You do not have clear visibility of all sending systems

A good default mindset

SPF flattening should be treated as a deliberate architectural decision rather than a quick fix.

Start by simplifying and understanding your existing SPF policy. Only move to flattening if it provides a clear operational or technical benefit.

For a deeper explanation of flattening itself, see: /articles/what-is-spf-flattening

Related Tools

All Articles

Browse the full learning library.

DNS Audit

Run a broader DNS and email configuration audit.

Email Security Check

Review SPF, DMARC, DKIM, MTA-STS, TLS-RPT, and BIMI together.