SPF/DKIM/DMARC Check
Validate email authentication records — SPF, DKIM, and DMARC DNS configuration.
SPF, DKIM, and DMARC are the three DNS-based standards that prove an email really came from your domain and wasn't tampered with. This tool checks a domain's records for all three, reports whether each is present and valid, and explains the policy in plain language. Correct configuration protects your domain from spoofing and improves inbox placement.
Frequently asked questions
What is SPF?
Sender Policy Framework lists which servers may send mail for your domain. Receivers reject or flag mail from servers not on the list.
What is DKIM?
DomainKeys Identified Mail adds a cryptographic signature to each message so receivers can verify it was authorised and unaltered in transit.
What is DMARC?
DMARC ties SPF and DKIM together and tells receivers what to do with mail that fails — monitor, quarantine, or reject — plus where to send reports.
Why is my DKIM not detected?
DKIM lives at a selector-specific record. If your provider uses an uncommon selector, an automated check may miss it even though it exists.
Do I need all three?
Ideally yes. SPF and DKIM provide the checks, DMARC enforces them and gives visibility. Together they offer the strongest protection.