Email Security Checker
Verify your domain's SPF, DMARC and DKIM records and detect configuration issues.
SPF, DKIM and DMARC are the three pillars of email authentication. Setting them up correctly keeps your emails out of spam and protects your domain from spoofing. This tool checks your domain's records and warns you about common mistakes.
SPF, DMARC & DKIM FAQ
SPF (Sender Policy Framework) is a TXT record that lists which servers are authorized to send email on behalf of your domain. It helps receivers detect spoofed senders.
DKIM (DomainKeys Identified Mail) cryptographically signs your emails with a private key; the receiver validates the signature with the public key published in your DNS. It guarantees the message wasn't altered.
DMARC (Domain-based Message Authentication) tells receivers what to do with emails that fail SPF and DKIM (nothing, quarantine or reject) and sends you reports. It's the layer that truly protects your domain against spoofing.
The selector identifies which DKIM key to use, since a domain can have several. It's queried at selector._domainkey.yourdomain.com. This tool tries common selectors automatically, but you can supply your own if you know it.
Ready to improve your DNS?
Choose the best free DNS server for your needs and configure it in minutes.