Free tool · DMARC analyzer
What does your domain's email-auth actually look like?
Live scan against the public DNS. SPF, DMARC, DKIM visibility, BIMI, MTA-STS. Each finding gets a plain-English read-out and the exact TXT record to paste if something's off. No signup, no email wall, shareable URL.
What we check
SPF · DMARC · DKIM (visibility) · BIMI · MTA-STS, all resolved live against public DNS — no cached lookups.
What you get
Overall grade, per-check detail, and for anything broken, the literal TXT record and hostname to paste into DNS.
What we don't do
Ask for your email. Charge you to see the result. Make you click through an interstitial. Read the CTA at the bottom if you want more.
Got a finding you don't want to chase?
Hand this off to Mailstinger.
We'll host the policies, rotate the keys, and watch the reports for you. One CNAME and you're done — no spreadsheets, no XML reading, no “what was this DKIM selector again?” moments at 4pm on a Friday.