SPF + DMARC checker

Audit any domain's email authentication setup. Get a clear verdict on SPF, DMARC, and MX in one lookup.

Why this matters for deliverability

Gmail and Yahoo's bulk-sender requirements (Feb 2024) require SPF, DKIM, and DMARC for anyone sending more than 5,000 emails/day. Without them, your mail goes straight to spam — or gets rejected entirely.

Recommended DMARC progression

  1. Week 1–2: Publish v=DMARC1; p=none; rua=mailto:reports@yourdomain.com. Collect aggregate reports.
  2. Week 3–4: Fix every sender that isn't aligned (lots of forgotten SaaS tools usually).
  3. Month 2: Move to p=quarantine; pct=10, ramping pct over weeks.
  4. Month 3: Reach p=reject. You're now fully protected.

FAQ

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting & Conformance) tells receiving mail servers what to do when an email fails SPF or DKIM checks — quarantine, reject, or do nothing. It also gives you reports on who's spoofing your domain.

What is SPF?

SPF (Sender Policy Framework) is a DNS record listing the servers allowed to send email on behalf of your domain. Without SPF, anyone can forge your "From" address.

What's a good DMARC policy?

Start with p=none for monitoring, move to p=quarantine after fixing alignment issues, then graduate to p=reject for maximum protection. Most major brands today are at p=reject.

Why is my domain not in the inbox?

Top reasons: missing SPF, missing DMARC, DMARC at p=none with alignment failures, or DKIM not configured. This tool flags the obvious gaps — for the rest, audit your DMARC reports.

Do I need DMARC if I have SPF?

Yes. SPF alone is bypassable via forwarding; DMARC adds alignment enforcement and gives you visibility via reports. As of 2024, Gmail and Yahoo require DMARC for bulk senders.