EmailAudit.io

Free Email Security Tools

Checkers validate your live DNS configuration. Generators build records you can paste directly into DNS. All free, no account required.

Checkers

SPF Record Checker

Validate your Sender Policy Framework record. Checks mechanisms, DNS lookup counts, and the all mechanism enforcement level.

  • Record syntax
  • DNS lookup count (10 max)
  • Mechanism analysis
  • Multiple record detection

DKIM Validator

Probe 22+ common DKIM selectors to find and validate your signing keys. Automatically detects your mail provider.

  • 22+ selector probing
  • Provider auto-detection
  • Key revocation check
  • Test mode detection

DMARC Scorer

Analyse your DMARC policy, enforcement percentage, alignment settings, and aggregate/forensic reporting configuration.

  • Policy level (none/quarantine/reject)
  • Enforcement percentage
  • Alignment settings
  • Reporting URIs

MTA-STS + TLS-RPT Checker

Check your MTA-STS DNS record and policy file, validate MX host entries, and verify TLS-RPT reporting is configured.

  • DNS record detection
  • Policy file reachability
  • MX validation
  • TLS-RPT check

Blacklist Checker

Resolve your domain to IPs, check all mail server IPs against 12 DNS-based blacklists including Spamhaus, Barracuda, and SpamCop.

  • 12 DNSBL zones
  • Domain + IP checks
  • Severity classification
  • Delisting guidance

Email Security Score

Run all 5 checks simultaneously and receive a single 0–100 score with a letter grade (A–F) for your domain.

  • All 5 checks in parallel
  • Weighted 100-point score
  • Letter grade (A–F)
  • Prioritised findings

Email Header Analyzer

Paste raw email headers to trace the full delivery path, detect spoofing indicators, and verify SPF, DKIM, DMARC, and ARC authentication results.

  • Hop-by-hop routing trace
  • SPF/DKIM/DMARC/ARC auth
  • Spoofing & anomaly flags
  • Transit time analysis

Generators

SPF Record Generator

Select your email providers, add custom includes and IP ranges, choose your enforcement level, and get a ready-to-publish SPF record.

  • Provider toggle selection
  • Custom includes & IPs
  • Lookup count warning
  • Enforcement level guide

DMARC Record Generator

Configure your DMARC policy level, reporting addresses, alignment settings, and percentage — record builds in real time.

  • Policy level cards
  • Aggregate & forensic rua/ruf
  • Alignment (adkim/aspf)
  • Gradual rollout (pct)

DKIM Record Generator

Paste the public key from your email provider and get the correctly formatted DKIM TXT record name and value to publish in DNS.

  • Auto-strips PEM headers
  • RSA & Ed25519 support
  • Selector suggestions
  • Separate name & value copy

MTA-STS Policy Generator

Generate both the MTA-STS policy file to host on your domain and the DNS TXT record needed to activate it.

  • Testing & enforce modes
  • Multiple MX hosts
  • Max age options
  • Policy file + DNS record