Email Security
Score
60/100
SPF
Valid
DKIM
Key present
DMARC
Missing
Findings
4
Security Findings
SPF 1
SPF uses soft fail (~all)
security_posture / warning / RFC 7208 5.1
DKIM 1
DKIM key is 1024-bit (allowed but deprecated)
security_posture / warning / RFC 6376 3.6.1
DMARC 1
No DMARC record detected
warning
MTA-STS 0
No MTA-STS policy issues detected
TLS-RPT 0
No TLS-RPT policy issues detected
STARTTLS 1
No MX hosts were found, so inbound SMTP STARTTLS cannot be tested.
informational / info / RFC 3207 4
BIMI 0
BIMI is not configured (optional)
Improvement Opportunities
+5 points
Change SPF policy from ~all to -all
+5 points
Upgrade 1 DKIM key(s) to 2048-bit
+30 points
Publish a DMARC record with enforcement
Score Calculation
| Component | Score | Reason |
|---|---|---|
| SPF Record | 10 / 10 | SPF record detected |
| SPF Enforcement | 15 / 20 | Soft fail policy (~all) |
| SPF Lookup Health | 10 / 10 | 6 DNS lookups |
| SPF PTR Usage | 5 / 5 | No PTR mechanism detected |
| SPF Include Validation | 5 / 5 | All SPF includes resolved |
| DKIM | 20 / 25 | 2 valid selector(s) |
| DMARC Record | 0 / 10 | No DMARC record detected |
| DMARC Enforcement | 0 / 20 | No DMARC policy available |
| Total | 60 / 100 |