The Skysnag Blog

What is the SPF 10 lookup limit?

October 11, 2023  |  < 1 min read

What is an SPF lookup?

An SPF lookup is when the receiving mail server checks to see if the IP addresses included in your SPF record match the IP address of the email sender.

What is the SPF lookup limit?

The SPF lookup limit is the maximum amount of time a recipient DNS can perform a lookup for a domain. This number was specified by the RFC7208 section 4.6.4 to be 10 since DNS queries cost the recipient mail server (bandwidth, CPU, memory). To avoid any irrational load on the recipient mail server, the limit was capped at 10.

An ‘include’ statement can have a significant impact on the number of lookups your DNS server has to carry out. This is because every time an included statement is called, the receiving DNS server has to do a lookup to determine the IP address. As a result, you should carefully consider how often you are using includes so as to avoid exceeding your maximum total of 10 lookups.

How to bypass the SPF lookup limit?

For today’s shift to cloud tools, 10 lookups are not enough as most businesses use so many third-party tools that can send an email on their behalf. These tools will each have their include statements which will include IP addresses, and so more lookups will be required. This will result In surpassing the 10 lookup limit, and failing authentication which will lead to a downgrade in deliverability.


Skysnag’s automated SPF software has been developed for receiving mail server to confirm whether the IP addresses included in your SPF record match the IP address of the email sender while taking care of your email deliverability. Get started with Skysnag by signing up using this link for a free trial today and protect your maintain a healthy domain name.

Check your domain’s DMARC security compliance

Enforce DMARC, SPF and DKIM in days - not months

Skysnag helps busy engineers enforce DMARC, responds to any misconfigurations for SPF or DKIM which increases email deliverability, and eliminates email spoofing and identity impersonation.