I've been grappling with an SPF record issue that seems to stem from domain spoofing attempts over the weekend. When I ran checks using various SPF validators, they all indicated that my record is missing the '-all' directive at the end. The complication is that my SPF record is quite lengthy, comprising numerous include statements and a lot of IP4 entries. Although the last entry does include '-all', the validators only seem to display the initial group of entries and overlook the rest. I tried some variations, like putting spaces between the groups instead of line breaks, but that led to errors where two IP addresses ended up being merged. I'm honestly stumped on how to format this correctly. What am I missing?
2 Answers
Totally get your pain. I ran into something similar! Make sure you're following the right procedures for long SPF records. This article might be the key: https://repost.aws/knowledge-center/route-53-configure-long-spf-txt-records. It could help you nail the formatting.
It sounds frustrating! Just keep in mind that DNS lookups take a toll. If your SPF record has a ton of includes, you might want to consider 'flattening' your record into a more concise list of IP4 entries. That way, you can avoid hitting those limits.
I tried flattening it, but the validators only return the first group of IPs, ignoring the rest and, most importantly, the '-all' at the end.
I checked that guide already. It suggests putting a space between the IP groupings, but when I did, the validators said my SPF was invalid. I ended up with entries like this: 'ip4:129.148.135.0/25ip4:129.148.164.0/25', all jammed together.