Diagnostic tools released

We are pleased to release 3 diagnostic tools for email security. These are: SPF checker, DKIM checker and DMARC checker. Each of these tools can check a certain aspect of your email domain, and together they give you an overview of the health status of your email program. Also, whenever possible, the tools suggest actions appropriate for certain situations.

The page for accessing these tools looks like:


Go ahead and take it for a spin: DMARCLY tools.

Now let's take a look at what each of the tools can do to detect security vulneribilities in your email program.

SPF Checker

SPF checker checks if an SPF record is properly set up for a particular domain.

The checklist includes:

  • existence of an SPF record
  • syntax of the SPF record
  • presence of required mechanisms
  • absence of obsolete mechanisms, like ptr, etc.
  • if unknown mechanisms/modifers are used
  • no uppercase letter is used in the SPF record
  • the SPF record incurs no more than 10 DNS lookups
  • and more...

Here is the result for checking domain dmarcly.com's SPF record:


DKIM Checker

DKIM checker checks if a DKIM record is properly set up for a particular domain and selector.

Here is the result for checking domain dmarcly.com's DKIM record, on selector s1:


DMARC Checker

DMARC checker checks if a DMARC record is properly set up for a particular domain.

Here is the result for checking domain dmarcly.com's DMARC record:


Let us know what you think. Feature requests and suggestions are welcome!

When "SPF PermError: Too many DNS lookups" strikes