Email authentication checker
Check a domain's SPF, DMARC, MX, and (optionally) DKIM records.
SPF, DKIM, and DMARC tell receiving servers your mail is legitimate — without them, messages get filtered to spam or rejected. Enter a domain to check its SPF record, DMARC policy, and MX records (and DKIM if you provide a selector), with plain-English notes on anything missing.
Frequently asked questions
What's the difference between SPF, DKIM, and DMARC?
SPF lists who can send for your domain, DKIM cryptographically signs messages, and DMARC ties them together and tells receivers what to do on failure.
Why do I need a DKIM selector?
DKIM keys live at selector._domainkey.yourdomain, and the selector is chosen by your mail provider — so we can't guess it. Enter the selector your provider gave you.
Do I need all three records?
For reliable inbox placement, yes. Gmail and Yahoo now require SPF, DKIM, and a DMARC record for bulk senders, and missing any one increases the chance of spam folder placement or rejection.
Which record should I set up first?
Publish SPF and DKIM first so your mail authenticates, then add DMARC at p=none to collect reports, and only tighten to quarantine or reject once those reports look clean.
Why does my mail still go to spam with all three passing?
Authentication proves who sent the mail, not that recipients want it. Sending reputation, content, list hygiene, and whether your IP or domain is blacklisted all affect placement too.
How is this different from the dedicated SPF, DKIM, and DMARC tools?
This gives a combined snapshot of all three plus MX in one lookup; the individual checkers go deeper — for example expanding SPF includes and counting the 10-lookup limit, or validating a specific DKIM key.
More Email & deliverability tools tools
Want this checked automatically and around the clock? Create a free SJ Monitor account and we'll alert you the moment something changes.