DomainOpsDomainOps
← Back to all tools

Email Authentication Audit

Audit SPF, DKIM, and DMARC for up to 50 domains in one go. We'll give you a portfolio grade plus a per-domain breakdown — no signup required.

0 domains

Up to 50 domains. Newline- or comma-separated. We'll check SPF, DKIM (common selectors), and DMARC records.

About email authentication

SPF, DKIM, and DMARC together let receiving mail servers verify that messages claiming to come from your domain actually do. Misconfigured email auth is the most common reason legitimate email lands in spam — and an open SPF policy is the most common attack vector for phishing.

DomainOps watches your SPF, DKIM, and DMARC records continuously and alerts you the moment they drift. This free audit is a one-shot snapshot — sign up to monitor ongoing.

FAQ

Why does my domain show no DKIM?

We probe a curated list of common DKIM selectors (default, selector1, selector2, google, k1, …). If your provider uses a custom selector that isn't in our list, the audit will flag DKIM as missing — but mail can still be signed. The full DomainOps app accepts a custom selector list.

What does the portfolio grade mean?

A: all domains pass. B: minor warnings on a few domains. C: warnings on most domains. D: more than half warn or one outright fail. F: at least one domain has a failing check (missing record, multiple SPF, broken syntax).

How is this rate-limited?

Three bulk audits per IP per hour. We probe many DNS records per domain, and CT logs / DNS providers throttle high-volume callers — the cap keeps the service available for everyone.