Inbox confidence without the mystery
Learn Plans Sign in
Email authentication checker

Check SPF, DKIM and DMARC before they hurt delivery.

Email authentication tells mailbox providers whether a message is allowed to use your domain. SamuelGuard checks the records and received-message evidence, then explains what needs attention.

Run a free email spam test View plans
Spam scoreExplainable
AuthenticationSPF DKIM DMARC
Inbox riskPlain-English fixes
SPF Pass? Sender permission
DKIM Signed? Message integrity
DMARC Aligned? Domain policy
MX Present? Domain mail readiness

What SPF checks

SPF lists the mail servers and services allowed to send for a domain. If your email platform is missing from SPF, the message can look unauthorised.

  • Only publish one SPF record per domain.
  • Include each legitimate sending service.
  • Watch the DNS lookup limit when records become complex.
  • Check the return-path domain, not only the visible From domain.

What DKIM checks

DKIM adds a cryptographic signature to the message. It helps prove that the email was not changed in transit and that the sending service has permission to sign for the domain.

  • Enable DKIM in your email platform.
  • Publish the selector record exactly as provided.
  • Check that the DKIM domain aligns with your From domain where possible.
  • Retest after DNS changes propagate.

What DMARC checks

DMARC tells receivers what to do when SPF or DKIM do not align with the visible From domain. Even a simple DMARC record is better than none.

  • Start with a monitoring policy if you are unsure.
  • Move slowly before enforcing quarantine or reject.
  • Make sure legitimate senders pass SPF or DKIM alignment.
  • Review reports before tightening policy.

Why test a real message

DNS records matter, but a real email shows what actually happened. SamuelGuard checks both setup and message evidence where available.

  • Forward or send the exact message you plan to use.
  • Check whether authentication passed in the received headers.
  • Look for alignment problems between services and domains.
  • Retest after changing DNS or email platform settings.
FAQ

Common questions

Is DMARC required?

DMARC is increasingly expected for legitimate senders. It is especially important when sending from branded business domains.

Can SPF, DKIM and DMARC fix every spam problem?

No. Authentication is the foundation, but content, reputation, engagement, and sending behaviour still matter.

Next step

Forward a real email and see what SamuelGuard finds.

SamuelGuard gives you a spam risk score, delivery health, authentication checks, blacklist checks, content warnings, and practical fixes you can act on before the next send.

Start a free test Read the deliverability guide

Related guides

Why are my emails going to spam?

Understand the bigger picture.

Email spam checker

Test a real message.

Email deliverability checklist

Review the pre-send basics.