I use Cloudflare for DNS for a domain that has a lot of different service providers who send email.
We quickly got over the 10 DNS lookups per SPF record. One of the “include” values causes 2 DNS lookups and only has a few IPv4 addresses in it, so it would easily fit under the DNS text length limit. It seems the solution is to
- get rid of service providers (not feasible for this domain) or
- to “flatten” the SPF record by directly listing the IP addresses of the included addresses.
In this case I’d like to flatten, and I wish that Cloudflare had a feature in their DNS for “flattening” any SPF record. Basically, Cloudflare could leave my input as it is with includes and then use a basic heuristic to substitute IP addresses from the includes that have the shortest length. On a periodic basis Cloudflare would need to redo the flattening since an include might change.
In the short term, my solution is to manually flatten my own record in Cloudflare and then, using my automation tool of choice (Jenkins), I will create a job that checks if any of the includes have changed and sends me an email when I need to re-flatten at Cloudflare. A little more work might let me use the Cloudflare API to automatically re-flatten the values.
This was previously discussed and a community member who doesn’t work at Cloudflare said “no, it’s not offered.”
OK, understood. But it would be nice if they did offer it.
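
The check described in the post (expand each include, count the lookups it costs, and detect when its addresses change) could look like the following. This is an added example, not code from the original post. The record contents, the domain names and the `get_txt` callback are constructed for illustration; a scheduled job would pass a function that performs a real TXT query instead of reading the sample dictionary.

```python
import hashlib

# Constructed TXT records (documentation domains and address ranges), standing
# in for live DNS so the example runs offline.
SAMPLE_TXT = {
    "example.com": "v=spf1 include:_spf.mailer.example include:_spf.crm.example ip4:192.0.2.10 ~all",
    "_spf.mailer.example": "v=spf1 include:_a.mailer.example ip4:198.51.100.64/28 ~all",
    "_a.mailer.example": "v=spf1 ip4:198.51.100.0/28 ~all",
    "_spf.crm.example": "v=spf1 ip4:203.0.113.5 a:mail.crm.example -all",
}

# Mechanisms that each cost one DNS lookup toward the limit of 10 (RFC 7208, 4.6.4).
LOOKUP_MECHS = ("include", "a", "mx", "ptr", "exists")

def flatten(domain, get_txt, path=()):
    """Expand includes/redirects under `domain`.

    Returns (sorted ip4/ip6 terms, DNS lookups the record costs,
    lookup-based terms that cannot be replaced by a literal address here).
    """
    if domain in path:
        raise ValueError("include loop at " + domain)
    ips, lookups, other = set(), 0, []
    for term in get_txt(domain).split()[1:]:      # skip "v=spf1"
        body = term.lstrip("+-~?")                # drop the qualifier
        name, _, arg = body.partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            ips.add(name + ":" + arg.lower())
        elif name == "include" or name.startswith("redirect="):
            target = arg if name == "include" else body.split("=", 1)[1]
            sub_ips, sub_lookups, sub_other = flatten(target, get_txt, path + (domain,))
            ips.update(sub_ips)
            lookups += 1 + sub_lookups
            other += sub_other
        elif name.split("/")[0] in LOOKUP_MECHS:  # a, mx, a/24, mx:host, ...
            lookups += 1
            other.append(body)
    return sorted(ips), lookups, other

def fingerprint(domain, get_txt):
    """Stable hash of what an include resolves to; a changed value means re-flatten."""
    ips, _, other = flatten(domain, get_txt)
    return hashlib.sha256(" ".join(ips + other).encode()).hexdigest()

def changed_includes(stored, get_txt):
    """Given {include: fingerprint saved at flatten time}, list includes that differ now."""
    return [d for d, fp in stored.items() if fingerprint(d, get_txt) != fp]
```

Terms returned in the third element (such as `a:` or `mx`) still cost a lookup after flattening, so an include containing them cannot be reduced to addresses alone.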