SPF include a main domain & its subdomains

Question

I need to configure SPF using ( include ) for one domain and its subdomains too at the same time

Example :

domain1.com has SPF for main domain + 4 subdomains

domain1.com has spf v=spf1 ip4:IPADDR1/24 -all

sub1.domain1.com has spf v=spf1 ip4:IPADDR2/24 -all

sub2.domain1.com has spf v=spf1 ip4:IPADDR3/24 -all

sub3.domain1.com has spf v=spf1 ip4:IPADDR4/24 -all

sub4.domain1.com has spf v=spf1 ip4:IPADDR5/24 -all

now for ( domain2.com ) i need to include all the SPF records of ( domain1.com & its subdomains ) with a simple syntax

I tested this syntax for ( domain2.com ):

( domain2.com ) v=spf1 include:domain1.com -all ( it includes only the spf of main domain "domain1.com")

I tested also this syntax for ( domain2.com ) :

( domain2.com ) v=spf1 include:*.domain1.com -all ( to include the 4 subdomains too but it's invalid )

is there any simple syntax that can include both main & subdomains SPFs of a domain name in one time ?

thank you in advance

Are you certain you want to be sending mail from 5*255 = 1275 unique IPv4 addresses? Also, no mention of IPv6? Depending on the use case, it may be more appropriate to route all messages through a common relay that enforces rate limits and mitigates abuse. — anx, Aug 22 '22 at 14:46

score 1 · Answer 1 · answered Aug 22 '22 at 09:47

1

No, there is no such syntax.

Since subdomains are not known and cannot be enumerated automatically, you will have to list all subdomains explicitly.

v=spf1 include:domain1.com include:sub1.domain1.com [... and so on for the other subdomains] -all

answered Aug 22 '22 at 09:47

glts

2

Note that the standard states there cannot be more than 10 DNS lookups. – Paul Aug 22 '22 at 13:17

1 Answers1