Free Tool
Email Security
Scanner
Check your domain's email authentication in seconds. Verify SPF, DKIM, DMARC, and MX records are configured correctly.
v=spf1 include:_spf.google.com ~allv=DMARC1; p=reject; rua=mailto:...v=DKIM1; k=rsa; p=MIGfMA0G...10 mail.example.comWhy It Matters
Unprotected Domains Get Spoofed
Email authentication isn't optional anymore. Without it, your domain is a target for impersonation.
Email Spoofing & Phishing
Without SPF, DKIM, and DMARC, attackers can send emails that appear to come from your domain. This damages your reputation and puts your customers at risk.
Deliverability Problems
Gmail, Microsoft 365, and other providers increasingly reject or spam-folder emails from domains without proper authentication records. Poor setup means your emails don't arrive.
Compliance Requirements
Google and Yahoo now require SPF, DKIM, and DMARC for bulk senders. GDPR and Cyber Essentials also expect email security controls to be in place.
What We Check
Four Records That Protect Your Email
SPF (Sender Policy Framework)
Defines which mail servers are authorised to send email for your domain. Prevents unauthorised servers from spoofing your address.
DMARC (Domain-based Message Authentication)
Tells receiving servers how to handle emails that fail SPF or DKIM checks — none, quarantine, or reject. Also enables reporting.
DKIM (DomainKeys Identified Mail)
Adds a cryptographic signature to outgoing emails proving the message was not tampered with in transit.
MX Records (Mail Exchangers)
Direct incoming email to the correct mail servers. Redundant MX records ensure email delivery even if one server is down.
Ready to Build Something Real?
Let’s talk about your project. No sales pitch, just a technical conversation about what you need and how to build it.