Email Deliverability Tester

Check SPF, DKIM, DMARC, and MX records to ensure your emails reach the inbox.

What It Checks

SPF: Sender Policy Framework (authorized sending IPs)
DKIM: DomainKeys Identified Mail (email signing)
DMARC: Domain-based Message Authentication (policy enforcement)
MX Records: Mail server configuration
Blacklists: Check if domain/IP is on spam lists
DNSSEC: DNS security for email records

Quick Test

Go to Email Deliverability Tester
Enter your domain (example.com)
Click "Test" — see pass/fail results
Follow recommendations to fix issues

SPF (Sender Policy Framework)

Purpose: Lists IP addresses authorized to send email for your domain.

Example SPF Record:

v=spf1 include:_spf.google.com include:spf.protection.outlook.com ~all

Mechanisms:

+all — Allow all (never use — spam risk!)
~all — Soft fail (recommended — mark as spam if from unauthorized IP)
-all — Hard fail (reject if not authorized)

Common Issue: Too many DNS lookups (max 10). Use `ip4:` instead of nested includes when possible.

DKIM (DomainKeys Identified Mail)

Purpose: Cryptographic signature proves email wasn't tampered with.

How It Works:

Your mail server signs outgoing emails with private key
Public key published in DNS (selector._domainkey.example.com TXT record)
Receiving server verifies signature using public key

Common Selectors: google, default, k1, s1, dkim

Check Your DKIM: Tool queries default._domainkey.yourdomain.com TXT record

DMARC (Email Policy)

Purpose: Tells receiving servers what to do if SPF/DKIM fail.

Example DMARC Record:

v=DMARC1; p=quarantine; rua=mailto:[email protected]; pct=100; adkim=s; aspf=s

Policy Options:

p=none — Monitor only (get reports, don't block)
p=quarantine — Send to spam folder
p=reject — Block completely

Best Practice: Start with `p=none`, analyze reports for 2 weeks, then move to `p=quarantine` or `p=reject`.

MX Records

Specifies mail servers for your domain. Tool checks:

At least 1 MX record exists
All MX hosts resolve to valid IPs
Multiple MX records for redundancy (recommended)
Priority values are set (lower = higher priority)

Example:

example.com.   IN MX 10 mail1.example.com.
example.com.   IN MX 20 mail2.example.com.

Blacklist Check

Tool checks your domain/IP against 50+ spam blacklists:

Spamhaus ZEN
Barracuda
SURBL
URIBL

If blacklisted:

Identify why (compromised server, spam complaints, etc.)
Fix root cause
Request delisting (each blacklist has removal process)
Consider switching to dedicated IP or transactional email service

Common Issues & Fixes

Issue	Fix
No SPF record	Add TXT record: `v=spf1 mx ~all`
No DKIM	Generate keys in mail server, publish public key in DNS
No DMARC	Add `_dmarc.example.com` TXT record with policy
SPF too many lookups	Flatten SPF (replace includes with IP ranges)
DKIM selector not found	Check mail server config for correct selector name

Best Practices

✅ Implement all three: SPF + DKIM + DMARC
✅ Use DMARC reports to monitor (rua= email address)
✅ Keep SPF under 10 DNS lookups
✅ Rotate DKIM keys annually
✅ Use dedicated IP for high-volume sending
❌ Don't use +all in SPF (security nightmare)
❌ Don't go straight to p=reject (test withp=none first)

Test Your Email Deliverability

Run Deliverability Test →