What are SPF, DKIM, and DMARC?

SPF (Sender Policy Framework) specifies which mail servers can send email for your domain. DKIM (DomainKeys Identified Mail) adds a digital signature to verify email integrity. DMARC (Domain-based Message Authentication, Reporting and Conformance) ties SPF and DKIM together with a policy for handling failed checks.

Why do I need email authentication records?

Without SPF, DKIM, and DMARC, anyone can forge emails appearing to come from your domain (spoofing). These records protect your brand, improve email deliverability, and prevent phishing attacks targeting your customers and employees.

Is this email authentication checker free?

Yes, this tool is completely free with no signup required. It performs real-time DNS lookups and provides detailed analysis of your email authentication configuration.

What DKIM selectors does this tool check?

This tool checks over 25 common DKIM selectors including those used by Google Workspace, Microsoft 365, ProtonMail, Fastmail, Mailchimp, SendGrid, Amazon SES, and more. You can also check custom selectors manually.

What is a good email security score?

An A+ score (90-100) means your domain has strong email authentication with SPF, DKIM, and DMARC all properly configured. A score below 60 indicates significant gaps that could lead to email spoofing or deliverability issues.

Free Online SPF/DKIM/DMARC Checker (No Signup)

Verify your domain's email authentication records in one lookup. Get a security score, find misconfigurations, and protect against email spoofing.

📧 SPF

Sender Policy Framework defines which mail servers are authorized to send email on behalf of your domain. Receiving servers check SPF to detect forged sender addresses.

🔑 DKIM

DomainKeys Identified Mail adds a cryptographic signature to outgoing emails. The recipient server verifies the signature using the public key published in DNS, proving the email was not tampered with.

🛡️ DMARC

Domain-based Message Authentication, Reporting and Conformance ties SPF and DKIM together. It tells receiving servers what to do when authentication fails and provides reporting so you can monitor abuse.

🛡️ SPF / DKIM / DMARC Checker

📧 SPF

🔑 DKIM

🛡️ DMARC