Email Security

SPF, DKIM, DMARC, BIMI and email authentication analysis
Score
45/100
SPF
Valid
DKIM
Missing
DMARC
NONE
Findings
6

Security Findings

SPF 1

SPF exceeds recommended lookup limit
warning

DKIM 1

No DKIM selectors detected
warning

DMARC 3

No DMARC reporting addresses configured
operational_recommendation / warning / RFC 9989 7
No explicit subdomain policy defined (sp tag missing)
operational_recommendation / warning / RFC 9989 4
DMARC depends entirely on SPF alignment
security_posture / warning / RFC 9989 4

MTA-STS 0

No MTA-STS policy issues detected

TLS-RPT 0

No TLS-RPT policy issues detected

STARTTLS 1

No MX hosts were found, so inbound SMTP STARTTLS cannot be tested.
informational / info / RFC 3207 4

BIMI 0

BIMI is not configured (optional)

Improvement Opportunities

+15 points Reduce SPF DNS lookups below 10
+25 points Configure DKIM signing
+15 points Enable DMARC enforcement (p=reject)

Score Calculation

Component Score Reason
SPF Record 10 / 10 SPF record detected
SPF Enforcement 20 / 20 Hard fail policy (-all)
SPF Lookup Health 0 / 10 Lookup limit exceeded
SPF PTR Usage 5 / 5 No PTR mechanism detected
SPF Include Validation 5 / 5 All SPF includes resolved
DKIM 0 / 25 No valid DKIM selectors detected
DMARC Record 10 / 10 DMARC record detected
DMARC Enforcement 5 / 20 Policy set to none
Total 45 / 100