My question needs some explanation first:
I provide an E-Mail-service for several clients. Depnding on the type of the E-Mail (reservation, offer,...) i send those mails from different servers. Therefore i've been including multiple ip Adresses to the clients domains as SPF records. The Record looks somthing like this:
v=spf1 ip4:xxx.xx.xxx.xx ip4:xxx.xx.xxx.xx ip4:xxx.xx.xxx.xx -all
All those ips are for my service.
Now while checking a clients SPF records i sar that Outlook includes just one Subdomain for their Outlook 365 like this:
v=spf1 include:spf.protection.outlook.com -all
An when i check the SPF-Records of "spf.protection.outlook.com" it shows me these:
v=spf1 ip4:207.46.101.128/26 ip4:207.46.100.0/24 ip4:207.46.163.0/24 ip4:65.55.169.0/24 ip4:157.56.110.0/23 ip4:157.55.234.0/24 ip4:213.199.154.0/24 ip4:213.199.180.0/24 include:spfa.protection.outlook.com -all
(like you can see here: https://mxtoolbox.com/SuperTool.aspx?action=spf%3aspf.protection.outlook.com&run=toolpage)
So my question now is:
Could i also create a single subdomain, which i add to my clients SPF-Records and then manage all of them centralized by simply changing the SPF-Records of my subdomain? If yes? Do i need to consider anything when creating that subdomain?
If you create one SPF record for a SPF sub-domain and then includes that sub-domain in all your customers SPF record, you will only have to edit the common SPF record, if one of the servers changes address. Eg:
TXT record for spf.example.com:
v=spf1 ip4:xxx.xx.xxx.xx ip4:xxx.xx.xxx.xx ip4:xxx.xx.xxx.xx -all
TXT record for one of the customer domains:
v=spf1 include:spf.example.com -all
Then you just have to keep the spf.example.com record updated.