Last scanned 2h ago · Mar 30, 2026, 10:53 PM
Your domain is protected. SPF, DKIM, and DMARC are configured. Suspicious emails go to spam. consider moving to full reject when ready.
First scan · Mar 30, 2026, 10:53 PM
Detected Record
v=DMARC1; p=quarantine; sp=reject; rua=mailto:d@rua.agari.com; ruf=mailto:d@ruf.agari.com;
Policy
quarantine
Aggregate Reporting
mailto:d@rua.agari.com
Forensic Reporting
mailto:d@ruf.agari.com
Subdomain Policy
reject
DKIM Alignment
relaxed
SPF Alignment
relaxed
Consider escalating to p=reject once compliance is consistently above 98%.
Detected Record
v=spf1 include:_spf.apple.com include:_spf-txn.apple.com ~all
All Mechanism
~all (soft fail)
DNS Lookups
3/10
Record Length
61 bytes
Consider tightening to -all for stricter enforcement alongside your DMARC policy.
Detected Record
selector1._domainkey: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGh555cVTGrCFyGsKqZyAehAhyNLVzwSCNdtgBSol5e/KboxA6edyqdfl1EL279hNdHM9UWcXcgk/HhKPQdmgzMTA927ZXxrsHxMHjVl7Bid78qOIebr75prj3jxuH8KrZfNe14l/dh6TJZt... selector2._domainkey: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCw9ZicGGW3gn0iKQfcnOsMVy+uLl+YMFonHmEslnpniYxIZ8z0Fn5nY2Gx/m69EHq05WQ8zQ0hRP8d/B0lrPIm6O3c2hiO1sQrJUnwH3jo0/asN6kRFXjTiU/PdlmWhyLdYSv80zNlKpq7qW...
Selectors
selector1, selector2
Key Length
~1024 bit
Algorithm
rsa-sha256
Upgrade DKIM key to 2048-bit for stronger cryptographic security.
Publish an MTA-STS TXT record and host a policy file at https://mta-sts.yourdomain/.well-known/mta-sts.txt.
Publish a TLS-RPT record to receive reports when sending servers fail to establish encrypted connections.
Detected Record
v=BIMI1;l=https://www.apple.com/bimi/v2/apple.svg;a=https://www.apple.com/bimi/v2/apple.pem;
Logo URL
https://www.apple.com/bimi/v2/apple.svg
SVG Status
accessible
VMC Certificate
https://www.apple.com/bimi/v2/apple.pem
DMARC Prerequisite
met