Paste any domain. We fetch its SPF record, walk every include:, count DNS lookups against the RFC 7208 limit of 10, and explain what's tight, what's broken, and what to do next.