Check your domain’s authentication and security in seconds: SPF, DKIM, DMARC, DNSSEC, MTA-STS and more. Weak email setup lets attackers send mail as you and quietly drops your legitimate messages into spam.
We'll configure and monitor email authentication for you.
Enter your domain and run the audit to see your grade and a card-by-card breakdown of every authentication and transport-security check.
Strong SPF, DKIM and DMARC stop spoofing - but modern inboxes also weigh DNSSEC, enforced TLS and IPv6. We check all of it and explain, in plain English, what to fix first.
Who is allowed to send as you, and what happens to mail that fails.
A single valid record, within the 10-lookup limit, that ends in a strict policy.
Cryptographic signing across common provider selectors, including weak or revoked keys.
Whether you enforce against spoofing or only monitor, plus reporting coverage.
Whether mail to you is forced over TLS, and your DNS can't be forged.
Signed DNS so attackers can't forge your records or redirect your mail.
A published policy that tells senders to require TLS when delivering to you.
Advanced certificate pinning in DNS for providers that support it.
Where your mail is handled, how reachable it is, and your verified logo.
The mail servers responsible for receiving email for your domain.
Whether your mail servers are reachable over modern IPv6 networks.
Your verified logo beside authenticated mail in supporting inboxes.
