SPF / DKIM / DMARC Checker
Validate TXT records and highlight common misconfigurations.
What to look for
- SPF: a single record, terminal policy (~all or -all), DNS lookups ≲ 10.
- DKIM: correct selector and a published public key (p=...).
- DMARC: p=quarantine/reject for enforcement, rua= for reports, alignment (adkim/aspf).
About
Email authentication depends on correct DNS records. This checker helps you validate SPF, DKIM and DMARC so you can improve deliverability and reduce spoofing risk. It’s useful when emails go to spam, authentication fails, or you’re setting up a new sending domain.
The tool reads the relevant DNS records and presents them in a more readable way. You can quickly see whether records exist, whether syntax looks valid, and whether policies are strict enough for your needs.
Remember that providers have different interpretations and additional heuristics. Use this tool as a fast diagnostic step, then test with your mail provider and examine sending logs for final confirmation.
FAQ
›What is SPF?
SPF is a DNS TXT policy that declares which servers are allowed to send email for a domain.
›What is DKIM?
DKIM signs outgoing mail with a cryptographic key. The public key is published in DNS and used to verify authenticity.
›What is DMARC?
DMARC ties SPF and DKIM together and tells receivers what to do when authentication fails (none/quarantine/reject).
›Why do changes not show up immediately?
DNS caching and TTL can delay visibility. Check propagation and allow time after updates.
›Does this guarantee inbox placement?
No. It helps validate core authentication, but reputation, content, and engagement also affect placement.
Related Tools
- DNS Propagation Checker/tools/network/dns-check
- HTTP Headers & Redirects/tools/network/headers
- TLS/SSL Checker/tools/network/tls-check
- What Is My IP?/tools/network/my-ip
- ASN / Prefix Lookup/tools/network/asn