SPF record is showing as Type 99 instead of Type 16

When I create an SPF record in DNS as a TXT file, when I test it in MXToolbox it shows the SPF record as being created as a type 99 record which is deprecated, instead of a type 16 TXT record. The error that MXToolbox comes back with for the domain is “SPF Record Deprecated The DNS record type 99 (SPF) has been deprecated”

Bearing in mind that when I create the record in the DNS manager I can only pick from a few record types, A, AAAA, CNAME, TXT etc… it is frustrating that the SPF record is then published as a type 99 record.

Is there any way to force the SPF record so that it is just a plain old type 16 TXT record so that it will pass scrutiny and doesn’t use a deprecated record type?

Any help would be greatly appreciated.

Failing that can anyone recommend a DNS name server host that supports type 16 TXT records and CNAME flattening?

Many thanks.

That would actually suggest you chose SPF as record type instead of TXT for your SPF record. SPF records should always be TXT records and not SPF records. Make sure it is TXT.

What’s the domain?

That is the thing, the record has been created from the drop down list of record types and I choose TXT, NOT SPF, I put @ in the name and the SPF contexts in the text box, I publish it and it then come up as a type 99 record which is frustrating, even if I delete and recreate, it still does the same thing. The domain is trusselltrust.org

I have even gone in, deleted the record, tested to ensure that MXToolbox can’t see an SPF record, recreate it as a TXT record and it comes back saying its a type 99.

If I export the DNS zone this is line for the SPF record:

trusselltrust.org. 1 IN TXT “v=spf1 include:spf1.formassembly.com include:mandrillapp.com include:mailgun.org include:spf.protection.outlook.com include:servers.mcsv.net include:spf.xledger.net ~all”

yet when I test it in MXToolbox it shows as deprecated.

I have lots of domains hosted in other name servers and I create SPF records as TXT records on those servers and they all pass as type 16 txt records so not sure why the Cloudflare server is doing this when I create this as a TXT file.

You still have an SPF record there. Remove it and the warning will disappear.

I don’t understand what you mean, I have not got any records in the DNS zone listed as SPF. All the record types I have in the zone file are A, CNAME, MX, SRV, NS and TXT

I don’t have any record types listed as SPF

Post a full page screenshot of https://dash.cloudflare.com/?to=/:account/:zone/dns.

You can redact the actual values if you want.

I have had to cobble together the 51 records into a single file and removed the content, however from the type you can see not an SPF type record in there, only what I listed before

That’s just the records, not the full page. I had a reason why I asked that :wink:

Which nameservers were given on that account?

That should be the right ones. Nonetheless, you still have an SPF record

$ dig +short @miles.ns.cloudflare.com trusselltrust.org SPF

"v=spf1 a mx include:_spf.google.com ~all"

Also evident from DNSMap - Worldwide DNS Propagation Checker - Global test.

My guess would be something got stuck in your configuration and support will have to manually fix that.

You could also try to create an SPF record anew yourself and then remove it, maybe that will get it unstuck, but most likely that’s something for Cloudflare to fix manually.

Best is to open a support ticket and insist on them fixing it should they want to close the ticket and refer you to the community. Maybe link in your ticket to this thread too.

OK thanks for you help, I have no idea how that is there. The zone was transferred from another name server by the web developer so I imagine a lot of baggage was sucked across in the migration and it is not showing in the zone file. I have tried deleting and recreating the SPF record and it still will not list it as as a TXT file even though the zone says it is. I will log a ticket now.

What kind of transfer? Cloudflare often has issues with DNS records if the domain was previously on an SSL as a service setup, in which case things often are properly stuck and Cloudflare needs to manually clean up. If that was the case here that could explain why you have a record which does not show up.

Yeah, ticket is the best approach and keep pestering them because they will most definitely want to refer you to back here. Linking to this thread is probably a good idea so they know you already asked.

To be honest, I don’t know what the web developer did in terms of the transfer but my guess is a ghost in there that needs flushing out.

Definitely, there’s a record being returned which does not show up. I mentioned the setup type as this would be a classic case.

But anyhow, yep, they need to do some good old weekend cleaning here.

@duncan4, yeah, got the confirmation, the domain is still active on such a setup.

You either talk to the previous service provider so that they take it off from their setup or you follow up with support so they force that drop.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.