← jwatte.com

DNS + Email Authentication Audit

Queries DNS-over-HTTPS for SPF, DKIM, DMARC, CAA, MX, TXT. Validates record syntax, flags weak DMARC policies (none/quarantine), missing alignment.

Read the deep-dive blog โ†’

Audit DNS + email auth

Queries Cloudflare DNS-over-HTTPS for SPF (TXT), DMARC (_dmarc), CAA, MX, and DKIM (selector._domainkey). Scores each, flags weak DMARC policies and missing alignment. Common selectors: google for Workspace, k1 for Mailchimp, selector1 for O365, scph0820 for SparkPost.