Email authentication
Email Auth Checker
Audit SPF, DMARC, and DKIM for a domain in one report with optional DKIM selectors and a pass score.
Recent checks
Your recent successful checks will appear here.
How to use this tool
- SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. Start at the organizational domain, list every authorized sender, prefer include for SaaS providers, end with -all or ~all, stay under ten DNS lookups, then validate DMARC alignment before enforcement. For "include mechanisms and third-party senders", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
- SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. Start at the organizational domain, list every authorized sender, prefer include for SaaS providers, end with -all or ~all, stay under ten DNS lookups, then validate DMARC alignment before enforcement. For "terminal all qualifiers and fail modes", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
- SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. Start at the organizational domain, list every authorized sender, prefer include for SaaS providers, end with -all or ~all, stay under ten DNS lookups, then validate DMARC alignment before enforcement. For "multiple SPF TXT records", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
- SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. Start at the organizational domain, list every authorized sender, prefer include for SaaS providers, end with -all or ~all, stay under ten DNS lookups, then validate DMARC alignment before enforcement. For "DNS lookup limits and flattening", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
- SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. Start at the organizational domain, list every authorized sender, prefer include for SaaS providers, end with -all or ~all, stay under ten DNS lookups, then validate DMARC alignment before enforcement. For "SPF alignment with DMARC", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
- SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. Start at the organizational domain, list every authorized sender, prefer include for SaaS providers, end with -all or ~all, stay under ten DNS lookups, then validate DMARC alignment before enforcement. For "ip4, ip6, mx, and ptr mechanisms", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
What the result shows
The result is split into the signals that matter for this specific check.
| Field | Purpose | Example |
|---|---|---|
| Domain | SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "include mechanisms and third-party senders", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment. | Enter the apex domain that appears in the visible From header. |
| Query name | SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "terminal all qualifiers and fail modes", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment. | Confirm exactly one SPF, DMARC, and DKIM TXT record is published. |
| Found | SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "multiple SPF TXT records", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment. | Review parsed mechanisms, terminal all, and lookup count. |
| Valid | SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "DNS lookup limits and flattening", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment. | Remove deprecated ptr and permissive +all when possible. |
| Terminal all | SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "SPF alignment with DMARC", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment. | Pair the result with DMARC and DKIM checks on the same domain. |
| Mechanisms | SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "ip4, ip6, mx, and ptr mechanisms", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment. | Re-run after DNS TTL once includes are verified. |
| DNS lookup count | SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "include mechanisms and third-party senders", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment. | Enter the apex domain that appears in the visible From header. |
| Raw record | SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "terminal all qualifiers and fail modes", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment. | Confirm exactly one SPF, DMARC, and DKIM TXT record is published. |
When this check helps
Use the validator during ESP onboarding, Microsoft 365 or Google Workspace migrations, DMARC rollout, deliverability incidents, and vendor questionnaires. SPF is only half of authentication — DMARC still needs aligned DKIM or SPF results at the From domain. For "include mechanisms and third-party senders", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
Use the validator during ESP onboarding, Microsoft 365 or Google Workspace migrations, DMARC rollout, deliverability incidents, and vendor questionnaires. SPF is only half of authentication — DMARC still needs aligned DKIM or SPF results at the From domain. For "terminal all qualifiers and fail modes", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
Use the validator during ESP onboarding, Microsoft 365 or Google Workspace migrations, DMARC rollout, deliverability incidents, and vendor questionnaires. SPF is only half of authentication — DMARC still needs aligned DKIM or SPF results at the From domain. For "multiple SPF TXT records", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
Use the validator during ESP onboarding, Microsoft 365 or Google Workspace migrations, DMARC rollout, deliverability incidents, and vendor questionnaires. SPF is only half of authentication — DMARC still needs aligned DKIM or SPF results at the From domain. For "DNS lookup limits and flattening", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
Use the validator during ESP onboarding, Microsoft 365 or Google Workspace migrations, DMARC rollout, deliverability incidents, and vendor questionnaires. SPF is only half of authentication — DMARC still needs aligned DKIM or SPF results at the From domain. For "SPF alignment with DMARC", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
Use the validator during ESP onboarding, Microsoft 365 or Google Workspace migrations, DMARC rollout, deliverability incidents, and vendor questionnaires. SPF is only half of authentication — DMARC still needs aligned DKIM or SPF results at the From domain. For "ip4, ip6, mx, and ptr mechanisms", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
What to review when results look wrong
If no record appears, query the apex TXT directly — not _dmarc or a selector. When multiple SPF, DMARC, and DKIM strings exist, merge authorized sources into one record because receivers may reject ambiguous publications. After edits, wait for TTL and compare the raw TXT field against dig +short TXT example.com. For "include mechanisms and third-party senders", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
If no record appears, query the apex TXT directly — not _dmarc or a selector. When multiple SPF, DMARC, and DKIM strings exist, merge authorized sources into one record because receivers may reject ambiguous publications. After edits, wait for TTL and compare the raw TXT field against dig +short TXT example.com. For "terminal all qualifiers and fail modes", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
If no record appears, query the apex TXT directly — not _dmarc or a selector. When multiple SPF, DMARC, and DKIM strings exist, merge authorized sources into one record because receivers may reject ambiguous publications. After edits, wait for TTL and compare the raw TXT field against dig +short TXT example.com. For "multiple SPF TXT records", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
If no record appears, query the apex TXT directly — not _dmarc or a selector. When multiple SPF, DMARC, and DKIM strings exist, merge authorized sources into one record because receivers may reject ambiguous publications. After edits, wait for TTL and compare the raw TXT field against dig +short TXT example.com. For "DNS lookup limits and flattening", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
If no record appears, query the apex TXT directly — not _dmarc or a selector. When multiple SPF, DMARC, and DKIM strings exist, merge authorized sources into one record because receivers may reject ambiguous publications. After edits, wait for TTL and compare the raw TXT field against dig +short TXT example.com. For "SPF alignment with DMARC", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
If no record appears, query the apex TXT directly — not _dmarc or a selector. When multiple SPF, DMARC, and DKIM strings exist, merge authorized sources into one record because receivers may reject ambiguous publications. After edits, wait for TTL and compare the raw TXT field against dig +short TXT example.com. For "ip4, ip6, mx, and ptr mechanisms", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
How to interpret the result
SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "include mechanisms and third-party senders", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "terminal all qualifiers and fail modes", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "multiple SPF TXT records", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "DNS lookup limits and flattening", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "SPF alignment with DMARC", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
SPF (Sender Policy Framework) is published as a single TXT record at the domain apex starting with SPF, DMARC, and DKIM. Receivers evaluate it during SMTP to decide whether the connecting IP is authorized to send mail for that domain. For "ip4, ip6, mx, and ptr mechanisms", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
Recommended workflow
- Enter the apex domain that appears in the visible From header.
- Confirm exactly one SPF, DMARC, and DKIM TXT record is published.
- Review parsed mechanisms, terminal all, and lookup count.
- Remove deprecated ptr and permissive +all when possible.
- Pair the result with DMARC and DKIM checks on the same domain.
- Re-run after DNS TTL once includes are verified.
Tool vs manual checks
dig TXT example.com shows raw strings but does not parse mechanisms, warn on +all, or estimate lookup depth. DNS Checker lists all TXT values yet lacks SPF-specific validation. DN01 uses the same Go parser as the production API and returns shareable result pages. For "include mechanisms and third-party senders", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
dig TXT example.com shows raw strings but does not parse mechanisms, warn on +all, or estimate lookup depth. DNS Checker lists all TXT values yet lacks SPF-specific validation. DN01 uses the same Go parser as the production API and returns shareable result pages. For "terminal all qualifiers and fail modes", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
dig TXT example.com shows raw strings but does not parse mechanisms, warn on +all, or estimate lookup depth. DNS Checker lists all TXT values yet lacks SPF-specific validation. DN01 uses the same Go parser as the production API and returns shareable result pages. For "multiple SPF TXT records", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
dig TXT example.com shows raw strings but does not parse mechanisms, warn on +all, or estimate lookup depth. DNS Checker lists all TXT values yet lacks SPF-specific validation. DN01 uses the same Go parser as the production API and returns shareable result pages. For "DNS lookup limits and flattening", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
dig TXT example.com shows raw strings but does not parse mechanisms, warn on +all, or estimate lookup depth. DNS Checker lists all TXT values yet lacks SPF-specific validation. DN01 uses the same Go parser as the production API and returns shareable result pages. For "SPF alignment with DMARC", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
dig TXT example.com shows raw strings but does not parse mechanisms, warn on +all, or estimate lookup depth. DNS Checker lists all TXT values yet lacks SPF-specific validation. DN01 uses the same Go parser as the production API and returns shareable result pages. For "ip4, ip6, mx, and ptr mechanisms", treat the apex TXT as the contract receivers enforce at SMTP time. Document each mechanism, confirm lookup cost, and verify the terminal all matches your risk posture. After DNS changes, re-run the same domain to prove the publication is singular, syntactically valid, and ready for DMARC alignment.
Why use DN01
- Live apex TXT lookup
- Mechanism parsing and lookup estimate
- Multiple-record and syntax errors
- Warnings for ptr and permissive all
- Pairs with DMARC and DKIM tools
- Combined SPF, DMARC, and DKIM audit URL
FAQ
Email Auth Checker FAQ
Combined SPF, DMARC, and DKIM audit with optional selectors and a pass summary.
What does Email Auth Checker validate?
It runs SPF at the domain apex, DMARC at _dmarc.<domain>, and DKIM for each selector you provide, then summarizes how many layers pass. SPF, DKIM, and DMARC stack guide
Which DKIM selectors does DN01 try?
If you leave selectors blank, DN01 tries google, selector1, k1, s1, and default. Add your ESP or Microsoft 365 selector for accurate signing checks.
How is the pass score calculated?
The summary counts three layers: valid SPF TXT, valid DMARC policy, and at least one valid DKIM selector. Partial passes are common during migrations.
Should I fix SPF, DKIM, or DMARC first?
Fix SPF authorization and DKIM signing before tightening DMARC from p=none to quarantine or reject.
Can I share audit results with my team?
Result URLs include the domain and optional ?selectors= query so support teams can reopen the same audit.
How does this differ from the standalone tools?
This tool orchestrates the dedicated SPF, DMARC, and DKIM validators — use those pages when you need deep detail on one record.
Tool switcher
Continue with another check
Pick the next step in your domain or security workflow.
- SPF ValidatorValidate SPF TXT records, mechanisms and terminal allOpen
- DMARC AnalyzerDMARC policy, alignment and reporting checksOpen
- DKIM ValidatorDKIM selector lookup and record validationOpen
- DNS CheckerAll major record types in one passOpen
- DIGOne record type, resolver-style answerOpen
- Domain IP LookupA and AAAA IP addresses for a domainOpen
- Domain Age CheckerCreation date, age, registrar and expiryOpen
- WHOISRegistrar, expiry and domain statusOpen
- HTTP Header CheckerResponse headers, redirects and cachingOpen
- HTTP/2 TesterHTTP/2 support, ALPN and TLS negotiationOpen
- SSL Certificate CheckerCertificate chain, SAN and TLS versionOpen
- Blacklist CheckerDNSBL reputation for IP and domainOpen
- Punycode ConverterUnicode ↔ Punycode for IDN domainsOpen
- URL SplitterBreak a URL into parts and query paramsOpen
- Base64 CodecEncode and decode Base64 textOpen
- Password GeneratorStrong random passwords for ops workOpen
- Password Strength CheckerEntropy, crack time and password suggestionsOpen
- Passphrase GeneratorMemorable random word phrases for safer sharing testsOpen
- BIN CheckerCard brand, bank and country from BIN/IINOpen
- IP CalculatorSubnet math for IPv4 and IPv6 CIDROpen
- Browser Update CheckerBrowser version, update status and Client HintsOpen
Related articles
Practical guides for common Email Auth Checker tasks — DNS records, troubleshooting steps, and links to our free tools.
spf dkim dmarc stack, email auth checker, spf dkim dmarc
SPF, DKIM, and DMARC together
SPF, DKIM, and DMARC together. Email Auth Checker runs SPF at the domain apex, DMARC at _dmarc.<domain>, and DKIM for each selector you provide in one coordinated report. Shareable result URLs keep domain and optional selectors in the query string so support teams can reopen the same audit without retyping.
Read article →combined email auth audit, email auth checker, spf dkim dmarc
Combined email authentication audit
Combined email authentication audit. Email Auth Checker runs SPF at the domain apex, DMARC at _dmarc.<domain>, and DKIM for each selector you provide in one coordinated report. Shareable result URLs keep domain and optional selectors in the query string so support teams can reopen the same audit without retyping.
Read article →dkim selector workflow, email auth checker, spf dkim dmarc
DKIM selector workflow in one run
DKIM selector workflow in one run. Email Auth Checker runs SPF at the domain apex, DMARC at _dmarc.<domain>, and DKIM for each selector you provide in one coordinated report. Shareable result URLs keep domain and optional selectors in the query string so support teams can reopen the same audit without retyping.
Read article →dmarc before enforcement, email auth checker, spf dkim dmarc
DMARC readiness before enforcement
DMARC readiness before enforcement. Email Auth Checker runs SPF at the domain apex, DMARC at _dmarc.<domain>, and DKIM for each selector you provide in one coordinated report. Shareable result URLs keep domain and optional selectors in the query string so support teams can reopen the same audit without retyping.
Read article →email auth result summary, email auth checker, spf dkim dmarc
Reading the email auth summary score
Reading the email auth summary score. Email Auth Checker runs SPF at the domain apex, DMARC at _dmarc.<domain>, and DKIM for each selector you provide in one coordinated report. Shareable result URLs keep domain and optional selectors in the query string so support teams can reopen the same audit without retyping.
Read article →shareable email auth checker results, email auth checker, spf dkim dmarc
Shareable email auth checker result pages
Shareable email auth checker result pages. Email Auth Checker runs SPF at the domain apex, DMARC at _dmarc.<domain>, and DKIM for each selector you provide in one coordinated report. Shareable result URLs keep domain and optional selectors in the query string so support teams can reopen the same audit without retyping.
Read article →