SPF, DKIM & DMARC Checker
Check a domain's email authentication setup — SPF, DMARC and (optionally) a DKIM selector.
Quick answer: Check a domain's email authentication setup — SPF, DMARC and (optionally) a DKIM selector.
Last updated
Frequently asked questions
- Why do I need SPF, DKIM and DMARC?
- All three tell receiving mail servers that your email really came from your domain — together they prevent spoofing, raise inbox-placement rates and block phishing using your brand. Missing any one is a deliverability red flag.
- Where do I find the DKIM selector?
- Your email provider gives it to you when you set up DKIM. Common defaults: <code>google</code> for Workspace, <code>k1</code> for Mailchimp, <code>selector1</code>/<code>selector2</code> for Microsoft 365, <code>s1</code> for SendGrid. Without a selector we skip DKIM and check SPF + DMARC only.
- What does 'DMARC policy: none' mean?
- Your DMARC record is published but in monitoring mode — failing messages are still delivered. Move to <code>p=quarantine</code> then <code>p=reject</code> once you're confident your legitimate mail authenticates correctly.
- Is the lookup logged?
- We record per-request stats (status, duration) for fairness, but the domain queried is not stored or shared.
- Is there a rate limit?
- Yes — about 60 lookups per minute per IP.