Unable to verify SPF record for Azure Email Comms

Gerard Callaghan 20 Reputation points
2025-02-17T18:11:26.5533333+00:00

Azure Email Comms is refusing to verify my domain's SPF record, but it is not telling me exactly what is wrong with it. I have used CoPilot to get some clues and adjusted my SPF record accordingly but Azure Email Comms still refuses to verify. Here is my SPF record:

v=spf1 ip4:20.90.138.231 ip4:40.92.0.0/15 ip4:185.19.19.208/28 ip4:62.233.124.16/28 include:_spf.glasgow.gov.uk include:spf.mailanyone.net a:glasgow.gov.uk.outbound1-uk.mailanyone.net a:glasgow.gov.uk.outbound2-uk.mailanyone.net a:glasgow.gov.uk.outbound3-uk.mailanyone.net ~all
Azure Communication Services

Accepted answer
  1. Siva Nair 2,420 Reputation points Microsoft External Staff Moderator
    2025-02-18T07:14:49.1766667+00:00

    Hi Gerard Callaghan,

    To fix the issue, let's follow these steps:

    1. DNS Lookup Limit: Although MXToolbox shows the record is green, Azure may still not be passing the SPF verification if it has hit the DNS lookup limit. Even though you’ve replaced some include mechanisms with ip4 entries, it’s important to verify the overall number of DNS lookups is within the 10-lookup limit. This includes checking any indirect includes or a-record lookups in the services you have listed (like spf.mailanyone.net and _spf.glasgow.gov.uk).
    2. Flatten the Includes: While you have already adjusted by adding ip4 entries, a key next step is verifying if other included domains like spf.mailanyone.net or glasgow.gov.uk may also require you to add their exact IP ranges directly (flattening the record). Flattening the SPF record means no more include statements that cause DNS lookups. You can use tools like MXToolbox to find the actual IP ranges of the domains included in your SPF record and replace the include statements with those IP ranges.
    3. Azure-specific behavior: It’s possible that Azure’s email verification system has stricter checks beyond DNS lookups. The “could not be verified” error in the Azure portal might also be caused by factors like: DNS propagation: Changes to the SPF record might not have fully propagated across DNS servers. Azure-specific limits or caching: Azure might cache the result, so ensure you're testing the verification after DNS changes have propagated.
    4. Check for SPF Record Length: Ensure that the SPF record doesn’t exceed the maximum length of 255 characters. If it does, you may need to split it across multiple records or reconsider which parts to include.

    Next Steps: 

    1. Flatten the include mechanisms: Replace include:_spf.glasgow.gov.uk and include:spf.mailanyone.net with their actual IP ranges. This will help reduce lookups and might solve the issue with Azure.

    2. Test again in Azure: Once you’ve flattened the record and adjusted the includes, check again in the Azure portal to see if the verification passes.

    3. Verify DNS Propagation: Ensure that the updated SPF record has fully propagated across all DNS servers. You can use tools like DNSstuff to confirm this.

    For reference:

    https://learn.microsoft.com/en-us/azure/communication-services/concepts/email/email-domain-and-sender-authentication

    https://learn.microsoft.com/en-us/azure/communication-services/concepts/email/email-domain-configuration-troubleshooting

    https://learn.microsoft.com/en-us/azure/communication-services/quickstarts/email/add-custom-verified-domains?pivots=platform-azp

    If you need any further assistance, do let me know.

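An added example, not part of the original thread and not Azure's verification logic: a Python sketch of the DNS-lookup count and length check that the accepted answer describes, run against the SPF record from the question. The names `count_lookups`, `check_spf` and `SAMPLE_ZONE` are hypothetical, and the nested records in `SAMPLE_ZONE` are constructed stand-ins, not the real contents of the included domains.

```python
LOOKUP_LIMIT = 10      # RFC 7208 4.6.4: max DNS-querying terms per SPF check
TXT_STRING_MAX = 255   # max octets in a single TXT character-string

# SPF record from the question, joined with single spaces as published.
RECORD = " ".join([
    "v=spf1", "ip4:20.90.138.231", "ip4:40.92.0.0/15",
    "ip4:185.19.19.208/28", "ip4:62.233.124.16/28",
    "include:_spf.glasgow.gov.uk", "include:spf.mailanyone.net",
    "a:glasgow.gov.uk.outbound1-uk.mailanyone.net",
    "a:glasgow.gov.uk.outbound2-uk.mailanyone.net",
    "a:glasgow.gov.uk.outbound3-uk.mailanyone.net", "~all",
])

# Constructed stand-ins for the included records; NOT the real DNS contents.
SAMPLE_ZONE = {
    "_spf.glasgow.gov.uk": "v=spf1 include:relay1.example.test include:relay2.example.test mx ~all",
    "spf.mailanyone.net": "v=spf1 a:out.example.test exists:%{i}.example.test include:relay3.example.test ~all",
    "relay1.example.test": "v=spf1 ip4:192.0.2.0/25 ~all",
    "relay2.example.test": "v=spf1 ip4:198.51.100.0/24 ~all",
    "relay3.example.test": "v=spf1 ip4:203.0.113.0/24 ~all",
}

def count_lookups(record, zone, seen=None):
    """Return (lookups, unresolved), following include/redirect recursively."""
    seen = set() if seen is None else seen
    total, unresolved = 0, []
    for term in record.split()[1:]:            # skip the "v=spf1" version tag
        term = term.lstrip("+-~?")             # drop the qualifier
        name, sep, target = term.partition(":")
        if not sep:                            # modifiers use "=", e.g. redirect=
            name, sep, target = term.partition("=")
        name = name.split("/")[0].lower()      # "mx/24" -> "mx"
        if name not in ("include", "a", "mx", "ptr", "exists", "redirect"):
            continue                           # ip4, ip6, all: no DNS query
        total += 1
        if name in ("include", "redirect") and target not in seen:
            seen.add(target)                   # guards against include loops
            if target in zone:
                sub, missing = count_lookups(zone[target], zone, seen)
                total, unresolved = total + sub, unresolved + missing
            else:
                unresolved.append(target)      # nested cost unknown
    return total, unresolved

def check_spf(record, zone):
    lookups, unresolved = count_lookups(record, zone)
    return {"length": len(record), "over_one_string": len(record) > TXT_STRING_MAX,
            "lookups": lookups, "over_lookup_limit": lookups > LOOKUP_LIMIT,
            "unresolved": unresolved}
```

To audit a live domain, replace `SAMPLE_ZONE` with a mapping built from the actual TXT answers for each included name; any name left in `unresolved` means the reported count is only a lower bound.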

1 additional answer

  1. Gerard Callaghan 20 Reputation points
    2025-02-17T18:33:36.2033333+00:00

    Yes, MXToolBox is all green for the SPF record and when I look at the domain in the Azure Portal's Email Comms page, it shows that the SPF "could not be verified" but no detail as to why. Using CoPilot, I was told there were too many "includes" so I added the "ip4" directly. CoPilot also suggested that the issue may be the "soft fail" "~all" command but we need soft fail.
