curl "https://domscan.net/v1/email-auth?domain=example.com"
Example Response
{
"domain": "example.com",
"spf": {
"record": "v=spf1 include:_spf.google.com ~all",
"valid": true,
"mechanisms": ["include:_spf.google.com"],
"qualifier": "~all"
},
"dmarc": {
"record": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
"policy": "reject",
"valid": true
},
"dkim": {
"selector": "google",
"valid": true,
"key_type": "rsa",
"key_bits": 2048
},
"grade": "A",
"recommendations": []
}
Key Features
SPF Validation
Parse and validate Sender Policy Framework records.
DMARC Analysis
Check DMARC policy configuration and reporting.
DKIM Verification
Validate DomainKeys Identified Mail signatures.
Security Grade
Get an overall A-F grade for email security posture.
Actionable Recommendations
Receive specific fixes for misconfigurations.
Multiple Selector Support
Check common DKIM selectors automatically.
Policy Explanation
Understand what each policy means in plain English.
Spoofing Risk Assessment
Evaluate vulnerability to email spoofing attacks.
Frequently Asked Questions
Sender Policy Framework (SPF) is a DNS record that specifies which mail servers are authorized to send email for your domain.
Domain-based Message Authentication, Reporting & Conformance (DMARC) tells receiving servers how to handle emails that fail SPF or DKIM checks.
DomainKeys Identified Mail (DKIM) adds a digital signature to outgoing emails, allowing receivers to verify the message was not altered.
SPF, DKIM, and DMARC work together. SPF authorizes servers, DKIM signs messages, and DMARC sets policy. All three provide comprehensive protection.
Check Email Authentication
Start for free with 10,000 credits per month. Start checking domains in seconds.
View Full API Documentation