Hello, we received an alert from Cloudflare regarding the SPF record currently in use on our domain. After running several checks using external tools, here is what we found:
The SPF record is: v=spf1 +a +mx include:_spf.hostingname.it include:servers.mcsv.net include:userinclude.dme3ds1.com ~all
The total number of DNS lookups is 8, which is within the maximum limit of 10 allowed by the standard.
The record is valid, functional, correctly formatted, and does not contain any PTR, void lookup, or deprecated mechanisms.
We are not experiencing any issues with email delivery, which leads us to wonder whether the alert may have been generated preventively (given the proximity to the DNS lookup limit) or due to a temporary DNS resolution issue.
What could be the issue on Cloudflare’s side?
The alert we received is as follows:
No SPF record detected > An invalid or missing SPF record was found.
Risk > Email spoofing > A malicious actor could impersonate the organization by sending emails with its domain name in the sender address.
Detection method > A DNS MX record was found for this domain, but no corresponding SPF record in the correct format was detected.
Thank you.
