gstatic.com

Last scanned 2h ago · Mar 30, 2026, 10:53 PM

Scan Again Export PDF

D38/100

Only SPF is configured. Your domain needs SPF, DKIM, and DMARC working together to prevent spoofing.

DMARC Policy: none1 scan total

Protocol Status

DMARC

21/35

Monitor Only

SPF

17/25

Configured

DKIM

0/20

Not Detected

MTA-STS

0/10

Not Configured

TLS-RPT

0/5

Not Configured

BIMI

0/5

Not Found

Score History

D38/100

First scan · Mar 30, 2026, 10:53 PM

Latest Scan Details

DMARCMonitor Only

21/35RFC RFC 7489

Detected Record

v=DMARC1; p=none; rua=mailto:mailauth-reports@google.com

Policy

none

Aggregate Reporting

mailto:mailauth-reports@google.com

DKIM Alignment

relaxed

SPF Alignment

relaxed

Progress to p=quarantine and then p=reject once you have identified all legitimate senders via RUA reports.

SPFConfigured

17/25RFC RFC 7208

Detected Record

v=spf1 ?all

All Mechanism

?all (neutral)

DNS Lookups

1/10

Record Length

11 bytes

Change ?all to ~all or -all for meaningful sender authorization.

DKIMNot Detected

0/20RFC RFC 6376

Ensure your email provider has published DKIM keys. If using a custom selector, DKIM may still be active.

MTA-STSNot Configured

0/10RFC RFC 8461

Publish an MTA-STS TXT record and host a policy file at https://mta-sts.yourdomain/.well-known/mta-sts.txt.

TLS-RPTNot Configured

0/5RFC RFC 8460

Publish a TLS-RPT record to receive reports when sending servers fail to establish encrypted connections.

BIMINot Found

0/5RFC RFC 9495

Publish a BIMI record with your brand SVG logo. Requires DMARC at p=quarantine or p=reject with pct=100.