Free SPF DKIM DMARC Checker
Verify your email security with SPF, DKIM, DMARC, and DNSSEC analysis. Prevent spoofing and improve deliverability.
SPF
Specify which servers are authorized to send emails on behalf of your domain.
DKIM
Add digital signatures to emails, proving they haven't been tampered with.
DMARC
Tell receiving servers how to handle emails that fail SPF/DKIM checks.
DNSSEC
Protect against DNS spoofing with cryptographic authentication.
Frequently Asked Questions
What is SPF and why do I need it?
SPF (Sender Policy Framework) is a DNS record that specifies which mail servers are authorized to send email for your domain. Without SPF, spammers can forge emails appearing to come from your domain. Add an SPF record like "v=spf1 include:_spf.google.com ~all" to your DNS.
What is DMARC and how does it protect my domain?
DMARC (Domain-based Message Authentication, Reporting & Conformance) tells receiving servers what to do with emails that fail SPF or DKIM checks. It helps prevent email spoofing and phishing attacks. A basic DMARC record is: "v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com"
How do I set up DKIM for my domain?
DKIM (DomainKeys Identified Mail) adds a digital signature to your emails. Setup involves: 1) Generate a public/private key pair from your email provider, 2) Add the public key as a TXT record in your DNS, 3) Configure your mail server to sign outgoing emails with the private key.
What is DNSSEC and should I enable it?
DNSSEC adds cryptographic signatures to DNS records, preventing DNS spoofing attacks. It's recommended for all domains, especially those handling sensitive data. Enable DNSSEC through your domain registrar - most modern registrars support one-click DNSSEC activation.