diff --git a/CHANGELOG.md b/CHANGELOG.md
index d83d3d2..489baf1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/).
 
 ### Unreleased
 
+- fix: undefined variable in mech_mx if no valid MX found
+- add: new spf_record_include_match property to allow for additional filtering
+
 ### [1.2.8] - 2024-10-07
 
 - fix: mech_MX crit error on logging undef addrs
diff --git a/lib/spf.js b/lib/spf.js
index 8cd40f0..db0f3a2 100644
--- a/lib/spf.js
+++ b/lib/spf.js
@@ -13,6 +13,9 @@ class SPF {
     this.helo = 'unknown'
     this.spf_record = ''
 
+    // Store any matching include record for analysis
+    this.spf_record_include_match = {}
+
     // RFC 4408 Section 10.1
     // Limit the number of mechanisms/modifiers that require DNS lookups to complete.
     this.count = 0
@@ -358,6 +361,9 @@ class SPF {
       )
       switch (result) {
         case this.SPF_PASS:
+          // Store matching "include" mechanisms
+          this.spf_record_include_match = { ...this.spf_record_include_match, ...recurse.spf_record_include_match }
+          this.spf_record_include_match[domain] = recurse.spf_record
           return this.SPF_PASS
         case this.SPF_FAIL:
         case this.SPF_SOFTFAIL:
@@ -506,7 +512,7 @@ class SPF {
         resolve_method = 'resolve6'
       }
 
-      let addrs
+      let addrs = [];
       try {
         addrs = await dns[resolve_method](mx)
       } catch (err) {
diff --git a/test/spf.js b/test/spf.js
index fe2450d..f79241f 100644
--- a/test/spf.js
+++ b/test/spf.js
@@ -107,4 +107,11 @@ describe('SPF', function () {
     assert.equal(this.SPF.valid_ip(':212.70.d.94'), false)
     done()
   })
+
+  it('sets spf_record_include_match correctly', async function () {
+    this.timeout = 3000
+    this.SPF.count = 0
+    await this.SPF.check_host('130.211.0.1', 'google.com')
+    assert.ok(this.SPF.spf_record_include_match?.['_netblocks3.google.com'], 'expected include not found') 
+  })
 })