Better SPF record verification
There can only be one SPF records for any domain, and it's quite common to have multiple includes in one record. The domain verification for the SPF record should be savvy enough to parse the record for the v=spf1, linclude:mailgun.org, and ~all elements seperately so it can verify an SPF record with multiple includes.
Luis Rodriguez commented
Im not sure what you mean here. Im pretty sure this already works with multiple includes.
I do however think there is still improvement that can be done to it.
if spf has include:mailgun.org -> pass
-get ip's from domain (pool, shared, dedicated)
-get spf record and gather its list of ip4 by performing all lookups.
-loop through ips from domain and verify that they all exist in spf record.
-if all ips exist -> pass
-else -> fail
There are many scenarios we face with our clients where include just wont cut it such as security, limits, and flattening. We would really like to have this fixed to reduce friction onboarding clients.