UK’s trusted IT infrastructure partner since 2003
sales@servnetuk.com
0800 987 4111
Servnet
ToolsConfiguratorGet in Touch

Email & DNS tools

Free, instant tools to check and fix email authentication — SPF, DMARC, DKIM, MTA-STS and DNS propagation. Diagnose spoofing and deliverability gaps, then generate the exact records to publish.

SPFDKIMDMARC
SPFDKIMDMARC

Email Security Checker

All-in-one

Scan SPF, DMARC, DKIM, MTA-STS, DNSSEC and MX for a domain and get one graded report with a prioritised fix list.

Open tool →
DMARCp=rejectruaalign

DMARC Checker & Generator

DMARC

Look up and grade any domain’s DMARC policy, or build a correct v=DMARC1 record with the right reporting.

Open tool →
SPFincludeip4-all

SPF Checker & Generator

SPF

Validate SPF, count DNS lookups against the limit of 10, see the include tree, and generate a clean record.

Open tool →
DKIMselector2048-bitsign

DKIM Checker

DKIM

Verify the DKIM public key at a selector, or auto-probe the common Google, Microsoft 365 and Mailchimp selectors.

Open tool →
🌐TTLresolversA/MX/TXT

DNS Propagation Checker

DNS

Check whether an A, MX, TXT, CNAME or NS record has propagated across global public resolvers.

Open tool →

Related tools

Stop your domain being spoofed — and land in the inbox

Email is still the number-one way attackers impersonate a business, and it’s the channel customers and suppliers trust most. The three records that protect it — SPF, DKIM and DMARC — also decide whether your legitimate mail reaches the inbox or the spam folder. Since Google and Yahoo started enforcing them for bulk senders in 2024, and Microsoft followed for Outlook.com, getting them right is no longer a nice-to-have.

This free toolkit lets you check all of it in seconds and, crucially, tells you exactly what to change. Start with the Email Security Checker for a single graded report across SPF, DMARC, DKIM, MTA-STS and DNSSEC, then drill into the DMARC, SPF and DKIM tools to fix and generate each record. After you publish a change, use the DNS Propagation Checker to confirm it’s live worldwide.

DMARCpolicy + reporting — ties it togetherDKIMcryptographic signatureSPFauthorised sending IPsMTA-STS + TLSencrypted, downgrade-proof transportMXwhere mail is deliveredDNSSECsigns the DNS answers underneath

How the layers fit together — DNSSEC signs the DNS underneath; DMARC ties SPF and DKIM together on top.

🛡️ Want it done for you? Servnet has secured UK business email since 2001. We roll out SPF, DKIM and DMARC safely — monitoring first, then enforcing — as part of managed cyber security.

Email & DNS tools — common questions

What are email authentication records?

SPF, DKIM and DMARC are DNS records that tell receiving mail servers which servers may send mail for your domain (SPF), let them cryptographically verify a message wasn’t altered (DKIM), and tell them what to do when those checks fail (DMARC). Together they stop criminals spoofing your domain and improve your deliverability.

Why do these matter more in 2024 and beyond?

Google and Yahoo began requiring SPF, DKIM and DMARC for bulk senders in February 2024, and Microsoft’s Outlook.com introduced similar requirements for high-volume senders in 2025. Domains without proper authentication increasingly see mail rejected or sent to spam, so these are no longer optional for business email.

Are the tools free, and is anything stored?

Every tool is free with no sign-up. The live checkers query public DNS on our server and return the result; we don’t store the domains you check. The SPF and DMARC generators run entirely in your browser.

Do I need to be technical to use them?

No. The checkers explain each result in plain English and give you the exact record to publish. If you’d rather hand it over, Servnet can roll out and monitor email authentication for you.

Where do I publish the records they generate?

All of them are DNS TXT records you add at your DNS host (the company that manages your domain’s nameservers). SPF goes at the domain root, DMARC at _dmarc.yourdomain.com, and DKIM at selector._domainkey.yourdomain.com.