Is it bad practice to put IP addresses into SPF records instead of lookups if you are also in control of the lookedup record?
Solution 1:
As mail server related DNS records are only changed occasionally but queried all the time, it is better optimize the latter. Administrator's Considerations in RFC 7208, 10.1.2 summarizes this well:
There might be administrative considerations: using
a
overip4
orip6
allows hosts to be renumbered easily at the cost of a DNS query per receiver. Usingmx
overa
allows the set of mail hosts to be changed easily. Unless such changes are common, it is better to use the less resource-intensive mechanisms likeip4
andip6
overa
ora
overmx
.
Solution 2:
would result in needing to change two IPs
Sounds like an argument in favour of putting the raw address in the SPF record to me.
If the person doing the next migration sees the v4 and v6 address spelled out explicitly in the SPF record, that is just another reminder that at least two records needed to be changed anyway.
In any case, its a good idea to keep a list somewhere easily discoverable that tells the next person doing any changes what else might need an orderly rollover procedure (mta-sts, DANE, ..)