Free SPF flattener
Turn your SPF includes into a fixed IP list
Flattening resolves every include: down to literal IP addresses, which removes the DNS lookups those includes were using — useful when you're over the 10-lookup limit.
How this works
We fetch your domain's current SPF record, then recursively resolve every include: — and any includes those includes reference — down to their underlying ip4:/ip6: mechanisms, then de-duplicate the result into a single flat list.
This runs the same recursive walk as our SPF checker, so if you want to see the lookup count before deciding whether flattening is even necessary, check there first.
Common questions
What does 'flattening' an SPF record actually mean?+
It means resolving every include: mechanism down to the actual IP addresses it currently points to, then listing those IPs directly with ip4:/ip6: instead of the include. Since ip4:/ip6: don't require a DNS lookup to evaluate, this removes every lookup those includes were causing.
Why isn't flattening a permanent fix?+
Because it captures a snapshot of IPs at the moment you ran it. Providers rotate and expand their sending IP ranges over time — when they do, your flattened record still lists the old IPs and doesn't automatically pick up the new ones, silently causing legitimate mail to start failing SPF. The include: version you started with updates automatically; the flattened version doesn't.
So when should I flatten instead of just leaving the includes?+
When you're genuinely over the 10-lookup limit and can't reasonably remove a sender. Flattening trades "automatically stays current" for "fits under the limit right now" — it's a fix for a real constraint, not a strict improvement, so only use it when the lookup count actually requires it.
What if my SPF record uses a: or mx: mechanisms?+
Those depend on the current A or MX records of a hostname, which can also change — flattening them the same way as includes would create the same staleness risk, so this tool flags them as a warning rather than silently expanding them. Review those manually.
How often should I re-run this?+
There's no fixed schedule — it depends entirely on how often your senders change infrastructure. As a rough guide, re-check every few months, and definitely re-check immediately if you notice a spike in SPF failures on legitimate mail.
More free checks