Some domains,such as lenovo.com has 19 TXT records, dhl.com has 16 TXT records. For such domain,even the SPF is only one,but with some DNS query,it may have errors,or only return 4-6 txt records,which the SPF is not at the query result. In that case,the spf result will be missing spf.

For example:

nslookup -qt=txt dhl.com 180.76.76.76---->ERROR
nslookup -qt=txt dhl.com 114.114.114.114---->RETURN 4-6 RECORD WITHOUT THE SPF ONE
nslookup -qt=txt dhl.com 223.5.5.5---->ERROR
nslookup -qt=txt dhl.com 223.6.6.6---->ERROR
nslookup -qt=txt dhl.com 119.29.29.29---->RETURN 4-6 RECORD WITHOUT THE SPF ONE
nslookup -qt=txt dhl.com 1.2.4.8---->SOMETIME WORKS,SOMETIMES NOT
nslookup -qt=txt dhl.com 202.96.134.33---->ERROR

All above China DNS resturn error or only return 4-6 records back. Hope there will be a function having a config file at the config folder,such as spfrecord.dat,you can add some spf such as below format:

lenovo.com|v=spf1 include:spf.messagelabs.com include:_netblocks.eloqua.com include:spf.protection.outlook.com ip4:72.32.45.225 ~all

dhl.com|v=spf1 include:dpdhl._spf.dhl.com include:3a._spf.dhl.com include:3b._spf.dhl.com include:3c._spf.dhl.com include:3d._spf.dhl.com include:3e._spf.dhl.com include:3f._spf.dhl.com include:mrsc._spf.dhl.com include:e2ma.net include:spf.mandrillapp.com ~all

It is just like SPF cache,i think it will be useful for such case.

I could certainly add a feature request for this. However, I don't think it is practical to manually add SPF records for third-party servers. Not only it is way too much tedious work initially, but you will also have to constantly keep them up to date as companies could change their SPF records anytime. An easier solution would be to use a DNS server that does not have this issue.

Maybe DHL.COM has some limit for some dns server. As some only return few records,not all txt records,some was rejected to query at all.

Query MX record no prpblem,only txt record. Once you have SPF record to dump all IPs,it seems no problem.

So i think manually add such config file is useful at this case.

Why not change your DNS server and use one that does not have this issue? Are you not able to do that on your end?

dhl.com already delete some useless TXT record,at the moment,only 5 TXT record total,seems no problem now.

There are too many forged,virus,phishing email of DHL,so if SPF problem,maybe some email will be checked as clean. 

lenovo.com still no change until now,some foreign DNS is not so stable at China,maybe it is GFW issue? Not issue,most of case,we use Tecent 119.29.29.29,Aliyun 223.5.5.5,baidu 180.76.76.76 DNS.

If there is such function to add SPF record to config file,that will be good. As this problem happens only at such domains having too many TXT records.

If I change to use google,opendns and other,maybe there is some DNS query timeout issue,some other domains maybe have SPF checking issues......

So hope there will be such function at next build.

icicibank.com has  13 txt record,with google dns and opendns query,sometime it only return 6 record,and the SPF not among the result,in that case,it will have problem with SPF,DMARC.

walmart.com has 18 txt records. Will have same issue