fbcdn.net

Last scanned 2h ago · Mar 30, 2026, 10:53 PM

Scan Again Export PDF

D40/100

Only SPF is configured. Your domain needs SPF, DKIM, and DMARC working together to prevent spoofing.

DMARC Policy: none1 scan total

Protocol Status

DMARC

19/35

Monitor Only

SPF

21/25

Soft Fail (~all)

DKIM

0/20

Not Detected

MTA-STS

0/10

Not Configured

TLS-RPT

0/5

Not Configured

BIMI

0/5

Not Found

Score History

D40/100

First scan · Mar 30, 2026, 10:53 PM

Latest Scan Details

DMARCMonitor Only

19/35RFC RFC 7489

Detected Record

v=DMARC1; p=none; sp=none; rua=mailto:a@dmarc.facebookmail.com

Policy

none

Aggregate Reporting

mailto:a@dmarc.facebookmail.com

Subdomain Policy

none

DKIM Alignment

relaxed

SPF Alignment

relaxed

Progress to p=quarantine and then p=reject once you have identified all legitimate senders via RUA reports.

SPFSoft Fail (~all)

21/25RFC RFC 7208

Detected Record

v=spf1 a ~all

All Mechanism

~all (soft fail)

DNS Lookups

2/10

Record Length

13 bytes

Consider tightening to -all for stricter enforcement alongside your DMARC policy.

DKIMNot Detected

0/20RFC RFC 6376

Ensure your email provider has published DKIM keys. If using a custom selector, DKIM may still be active.

MTA-STSNot Configured

0/10RFC RFC 8461

Publish an MTA-STS TXT record and host a policy file at https://mta-sts.yourdomain/.well-known/mta-sts.txt.

TLS-RPTNot Configured

0/5RFC RFC 8460

Publish a TLS-RPT record to receive reports when sending servers fail to establish encrypted connections.

BIMINot Found

0/5RFC RFC 9495

Publish a BIMI record with your brand SVG logo. Requires DMARC at p=quarantine or p=reject with pct=100.