Skip to main content

Free Tool

Email Security Checker

Validate SPF, DMARC, DKIM, and MX records for any domain. See exactly what's configured and what's missing.

Why email authentication matters

SPF (Sender Policy Framework)

A TXT record that lists which mail servers are authorized to send email for your domain. Without SPF, anyone can send email that appears to come from your domain, making phishing attacks easy.

DMARC (Domain-based Message Authentication)

A policy record that tells receiving mail servers what to do when SPF or DKIM checks fail: nothing (none), move to spam (quarantine), or reject the message. DMARC also enables aggregate reporting so you can see who is sending email on your behalf.

DKIM (DomainKeys Identified Mail)

A cryptographic signature added to outgoing email. Receiving servers verify the signature against a public key in your DNS, confirming the message was not altered in transit and was sent by an authorized server.

MX Records

Mail exchanger records tell the internet which servers accept email for your domain. Missing or misconfigured MX records mean email sent to your domain will bounce.