Free Utility

Mail Server
Security Check

Instantly analyze your domain's email security posture. We check SPF, DKIM, DMARC, and MX records to ensure your emails reach inboxes and prevent spoofing. Powered by Rekon.

Domain Name *

DKIM Selector (Optional)

Leave blank if unknown. We'll try common selectors automatically.

Why this matters

Deliverability

Properly configured records ensure your legitimate emails don't end up in spam folders.

Anti-Spoofing

DMARC prevents attackers from sending malicious emails that appear to come from your domain.

Authentication

DKIM cryptographically signs your emails to verify they haven't been altered in transit.

Analysis Results for teknic.io

Run a live check to populate results from Rekon.

85/100

Good Security Posture

Your domain has basic protections in place, but DMARC policy could be stricter. See recommendations below.

Passed

Warnings

Failed

Rekon probe pending

Awaiting lease

Probe metadata will appear after lease.

Mail security check waiting for execution metadata.

Waiting for probe lease Queueing on Rekon

Awaiting capabilities

SPF Record

Sender Policy Framework

Valid

v=spf1 include:_spf.google.com include:sendgrid.net ~all

Syntax Valid

DNS Lookups 3 / 10 limit

Policy Strength SoftFail (~all)

DKIM Record

DomainKeys Identified Mail

Found

v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA...

Selector Checked google

Key Type RSA

Key Length 2048-bit

DMARC Record

Domain-based Message Authentication

Warning

v=DMARC1; p=none; rua=mailto:[email protected];

Policy (p) None (Monitoring only)

Aggregate Reports (rua) Configured

Forensic Reports (ruf) Not configured

MX Records

Mail Exchange Servers

Valid

Priority	Hostname
1	aspmx.l.google.com
5	alt1.aspmx.l.google.com
5	alt2.aspmx.l.google.com

Provider Detected Google Workspace

Actionable Recommendations

Upgrade DMARC Policy

Your current policy is set to 'none', which only monitors traffic. Attackers can still spoof your domain.

Change p=none to p=quarantine or p=reject

Consider Strict SPF

You are using a SoftFail (~all) mechanism. While safe for deliverability, a HardFail (-all) provides better protection if you are certain all sending sources are included.

Change ~all to -all

Fixing email issues?

If you need help configuring your DNS records, securing your Microsoft 365 / Google Workspace, or require a full security audit, our IT consulting team is ready to assist. Powered by Rekon.

Contact IT Support Request a Pen Test

Mail Server Security Check