DKIM SPF DMARC Lookup - Email Authentication Validator
Check email authentication records for any domain. Validate DKIM signatures, SPF policies, and DMARC settings to improve email deliverability and security.
About Email Authentication Records
Email authentication helps prevent email spoofing and phishing by verifying that senders are authorized to use your domain name.
DKIM (DomainKeys Identified Mail)
DKIM adds a digital signature to outgoing email messages that can be verified by receiving mail servers. A DKIM record contains a public key that receiving mail servers use to verify the signature authenticity.
SPF (Sender Policy Framework)
SPF specifies which mail servers are authorized to send email on behalf of your domain. It helps prevent spammers from sending messages with forged "From" addresses at your domain.
DMARC (Domain-based Message Authentication, Reporting & Conformance)
DMARC builds on SPF and DKIM to tell receiving mail servers what to do when messages fail authentication checks. It also provides a reporting mechanism so you can see who is sending email using your domain.
Why These Records Matter
- Improve email deliverability
- Protect your domain reputation
- Defend against email spoofing and phishing
- Gain visibility into email traffic using your domain
Understanding This Tool
What It Does
Check DKIM, SPF, and DMARC records for a domain to understand its email authentication and security configuration. These records work together to prevent email spoofing and improve email deliverability.
Understanding the Results
- SPF Record: Specifies which IP addresses can send email for the domain
- DKIM Records: Digital signatures for authenticating outgoing emails
- DMARC Policy: Instructions for handling emails that fail authentication
- Alignment: Whether SPF/DKIM align with DMARC policy
- Policy Action: What happens to emails that fail checks (none, quarantine, reject)
Common Use Cases
- Email Deliverability: Set up authentication to improve inbox placement
- Anti-Spoofing: Prevent others from sending emails that appear to be from your domain
- Phishing Prevention: Implement DMARC to detect and block spoofed emails
- Email Setup: Configure new email providers with proper authentication
- Compliance: Meet regulatory requirements for email authentication
Pro Tips & Best Practices
- All Three Records: Use SPF, DKIM, and DMARC together for maximum protection
- DMARC Monitoring: Start with 'none' policy to monitor before enforcement
- Subdomain Policy: Create separate DMARC policies for subdomains if needed
How this tool works: This tool runs in your browser and on our server in real time. Depending on the tool, results are computed directly from the input you provide or retrieved from live, authoritative data sources at the moment you run a lookup. We do not sell your data, and your lookups are kept private — any history shown here is stored only on your device.