Remove 'a' and 'mx' SPF entries?

One of the most common mistakes for an SPF record is to have 'a' and 'mx' listed.

While those are completely valid and sometimes useful in a correct way, they are more commonly useless and should not appear.

The 'a' mechanism indicates that the IP address of the domain should be allowed to transmit messages for the domain in the From header of messages; this is usually wrong, because that IP address is the domain's web host IP address. While this *CAN* be a legitimate use, it is not normal.  Investigate and remove the entry if possible.

The 'mx' mechanism indicates that the IP addresses for the domain's MX records should be allowed to transmit messages for the domain in the From header of messages; this can be incorrect because the MX hosts are used for ingress traffic, and outbound does not go through that same environment.  Many times this is completely legitimate, but it is incorrect for most large hosted environments such as M365, Google, Proofpoint, etc. If your SPF record already has allowance for traffic from your provider such as those, addition of 'mx' is incorrect.
If in doubt, contact support at your provider.