1 1097 v=spf1 mx -all
2 804 v=spf1 ip4:a.b.c.d/32 ip4:a.b.c.d/32 a ptr mx -all
3 463 v=spf1 a mx ptr -all
4 429 v=spf1 a mx -all
5 325 v=spf1 -all
6 306 v=spf1 a -all
7 171 v=spf1
+exists:CL.%{i}.FR.%{s}.HE.%{h}.null.spf.example.com -all
8 131 v=spf1 include:example.org ~all
9 131 v=spf1 a mx ?all
10 130 v=spf1 ?all
(I've slightly munged the above to preserve the privacy of the SPF
adoption roll participants.)
There are 204 SPF records on the adoption roll that use the exists:
mechanism with a macro variable, so a non-trivial number of domain
owners want some sort of more complex than a simple list of IP
addresses.
171 of those records seem to be creating a DMP style reverse-IP
lookup zone. I think this might have a place since it is the most
convienient for a couple of use cases:
1) Sender has a LOT of mail senders at non-contiguous addresses
(e.g. co-locs)
2) Sender is using some form of dynamic DNS config to add addresses
on the fly. (could be to address use case 1)
The DMP style has the advantage that the probability of receiving
cached DNS data that is stale is low.
People may want more flexibility than a list of IP addresses, but that
does not mean they want more complexity.
Phill