Free Domain Check
Prevent spoofing and improve inbox placement (SPF, DKIM & DMARC)
Are mailbox providers actually recognising your emails as “from you”? With our free domain check, you’ll see in seconds whether your SPF, DKIM and DMARC settings are in good shape — or whether your domain is unintentionally open to spoofing.
Enter your domain and you’ll immediately get the first results. Want the details afterwards (including the DNS records we found and concrete fixes)? Leave your email address and we’ll send you an in-depth PDF report.
What are we checking exactly? (in plain English)
Email authentication sounds technical (and it is, a bit). The goal is simple: make sure receiving mail servers can trust that emails using your domain name were actually sent by you.
We check the three standards that virtually every serious mailbox provider uses:
SPF (Sender Policy Framework)
SPF is your “guest list” for sending servers. In your DNS, you specify which servers are allowed to send email on behalf of your domain.
Without SPF, in theory anyone can use “you@yourdomain.com” as the sender address.
Common issues
- SPF record is missing
- Too many include rules (SPF can’t be evaluated properly due to the DNS lookup limit)
- A policy that’s too lenient or unclear
DKIM (DomainKeys Identified Mail)
DKIM is the digital signature on your email. The recipient checks whether that signature is valid.
This helps prevent emails from being altered or forged in transit without anyone noticing.
Common issues
- DKIM isn’t enabled in your sending platform
- Selector doesn’t exist or points to the wrong place
- Outdated or weak settings (e.g. old key configuration)
DMARC (Domain-based Message Authentication, Reporting & Conformance)
DMARC is the traffic controller. It tells receiving mail servers what to do when SPF and/or DKIM doesn’t align.
DMARC is often the step that really slows down spoofing and phishing — because you’re not just measuring, you’re enforcing policy.
DMARC has three main modes
- none: monitoring (you see what’s happening, but you’re not blocking anything yet)
- quarantine: suspicious mail goes to spam/quarantine
- reject: suspicious mail is rejected
Why this matters (even if you “just send newsletters”)
Without solid domain authentication, you risk:
- Spoofing/phishing using your domain name
- Lower deliverability (more spam, less inbox)
- Reputation damage (“did you send that weird email?”)
- Issues with stricter policies from major mailbox providers (Google/Microsoft)
In short: this isn’t just “security”. It’s inbox performance, too.
More control over DMARC? This is our partner: DMARC Advisor
Want to do more than a one-off check — and set up DMARC properly long-term, with ongoing monitoring? That’s why we partner with DMARC Advisor.
DMARC Advisor helps organisations in Europe and Africa set up and manage DMARC, including visibility into what’s happening with your domain (and where the risks are), so you can scale in a controlled way from monitoring to quarantine and ultimately reject.
Frequently asked questions
For most improvements: yes. But you don’t have to do it yourself. The report is designed to be easy to forward to IT or your domain administrator.
Not “by law”, but in practice it’s increasingly necessary if you want to keep sending email reliably. Major mailbox providers are getting stricter and reward clear authentication.
If you don’t have anything yet: you typically start with p=none (monitoring), then carefully work up to quarantine and eventually reject. Moving to reject too quickly without alignment can block legitimate email.
Yes. Especially DMARC (and sometimes SPF) can block legitimate mail if you don’t include all sending sources. That’s why: get visibility first, then tighten step by step.
Any public domain with visible DNS records.
Let’s talk!
Whether you’re looking for a new platform, a partnership or just want to have a cup of coffee and a chat: we’d love to hear from you.
