MX · SPF · DMARC · DKIM

Email deliverability checker.

Inspect any domain's email authentication. We'll surface the misconfigurations that quietly send legitimate mail to spam — multiple SPF records, p=none DMARC, missing MX, and friends.

The four signals every sending domain needs

  • MX — points to the mail server that accepts incoming mail. Without this, the domain can't receive mail at all.
  • SPF — TXT record listing which IPs and includes are allowed to send mail "from" this domain. End with -all or ~all to enforce.
  • DMARC — published at _dmarc.<domain>, tells recipients what to do when SPF/DKIM fails. p=reject is the strongest policy; p=none is monitor-only and doesn't actually prevent spoofing.
  • DKIM — cryptographic signature attached to outgoing mail. The public key is published at <selector>._domainkey.<domain>. Selectors are domain-specific (Google uses google; SendGrid uses s1, s2; Postmark uses pm).

JSON API

GET /api/email/<domain>?selector=<selector> returns the same data. Example: /api/email/google.com.