Editing Sender Policy Framework (section)

===Error handling===
As soon as SPF implementations detect syntax errors in a sender policy they '''must''' abort the evaluation with result PERMERROR. Skipping erroneous ''mechanisms'' cannot work as expected, therefore <code>include:bad.example</code> and <code>redirect=bad.example</code> also cause a PERMERROR.

Another safeguard is the maximum of ten mechanisms querying DNS, i.e. any mechanism except from IP4, IP6, and ALL. Implementations can abort the evaluation with result TEMPERROR <!-- Section 4.4 of rfc7208 --> when it takes too long or a DNS query times out or they can continue pretending that the query returned no data <!-- Section 5 of rfc7208, last paragraph --> —which is called a "void lookup".  However, they '''must''' return PERMERROR if the policy directly or indirectly needs more than ten queries for ''mechanisms''.  In addition, they '''should''' <!-- Sections 4.6.4 and 11.1 of rfc7208 --> return PERMERROR as soon as more than two "void lookups" have been encountered.  Any <code>redirect=</code> also counts towards this ''processing limits''.<ref>{{cite web |first1=Steve |last1=Atkins|title=SPF: The rule of ten |url=https://wordtothewise.com/2016/03/spf-the-rule-of-ten/ |publisher=wordtothewise.com |access-date=2019-09-23|date=2016-03-14 | df = dmy-all }}</ref>

A typical SPF HELO policy <code>v=spf1 a mx ip4:192.0.2.0 -all</code> may execute four or more DNS queries: (1) TXT record (SPF type was obsoleted by RFC 7208), (2) A or AAAA for mechanism <code>a</code>, (3) MX record and (4+) A or AAAA for each MX name, for mechanism <code>mx</code>. Except the first one, all those queries count towards the limit of 10.  In addition if, for example, the sender has an IPv6 address, while its name and its two MX names have only IPv4 addresses, then the evaluation of the first two mechanisms already results in more than two void lookups and hence PERMERROR.  Mechanisms <code>ip4</code>, <code>ip6</code> and <code>all</code> need no DNS lookup.