No DMARC record
Publish a monitoring record only after confirming the reporting destination and ownership of the domain.
Free public DNS check
Enter a domain to inspect public DNS records and common authentication signals. The result is a point-in-time technical check, not a deliverability test, security guarantee or compliance assessment.
This site is protected by reCAPTCHA. Google’s Privacy Policy and Terms of Service apply.
DKIM discovery is necessarily incomplete because selectors are chosen by sending providers and are not globally enumerable. A missing selector result does not prove that a domain has no DKIM signing.
Publish a monitoring record only after confirming the reporting destination and ownership of the domain.
Collect aggregate reports, identify legitimate sources and fix alignment gaps before requesting stronger handling.
Continue monitoring because mail services and DNS configuration change over time.
Review the full include chain and authorised senders before editing the record.
DNS records show intended configuration. DMARC aggregate reports show which systems are actually using the domain and whether SPF or DKIM aligns. Managed DMARC combines those reports with ongoing review and policy decisions.
Yes. The public DNS check does not require an account.
No. Authentication is one input. Delivery also depends on receiver policy, reputation, content and other factors outside this check.
No. It tests supported, commonly used selectors. Selectors are not designed to be enumerated, so absence is not proof that DKIM is not in use.
No. It reads public DNS and does not modify the domain.
DNS timeouts, broken DNSSEC validation, delegation problems or provider-side errors can prevent a reliable answer. Retry later or ask the DNS operator to investigate.
Use aggregate reports and a repeatable review process to understand authentication across customer domains.