4 Protocols Checked Per Scan

Your Emails Are Being Silently Rejected

Google and Microsoft permanently block emails from non-compliant domains. 75% of businesses fail this check. Find out in 10 seconds if yours does.

Free · No signup · Results in 10 seconds

Enterprise tools charge $525–$6,300/year for this analysis. We do it free.

4 Protocols Checked Per Scan
4 Authentication Protocols Checked
< 10s Scan Time
3 Compliance Frameworks Verified
Gmail 2025 Compliant Check
Microsoft 2025 Compliant Check
PCI DSS v4 Compliant Check
The Hidden Risk

Your Emails Are Disappearing — And You Don’t Know It

Most email delivery failures are invisible. No bounce. No notification. No trace.

Silent Rejection by Gmail and Microsoft

Gmail and Microsoft enforce email authentication with permanent rejection. 84% of domains fail this check — and their senders never find out.

Anyone Can Impersonate Your Domain

Without DMARC enforcement, any server can send email appearing to come from your address. Your clients receive convincing fraud attempts using your brand name.

PCI DSS v4 Now Requires DMARC

PCI DSS v4 — effective March 2025 — mandates DMARC for all organizations processing payment cards. Non-compliance: $5,000–$100,000 per month in fines.

The fix takes 15 minutes — if you know what to change.

How It Works

Enterprise-Grade Diagnostics. One-Click Simplicity.

We check every email authentication protocol against current Gmail, Microsoft, and PCI DSS requirements. No passwords, no access, no installation required.

1

Enter Your Domain

Type yourdomain.com — no www, no http://. We don’t need your passwords, email access, or any login credentials. Everything we check is publicly visible DNS data that anyone can look up.

2

We Scan Everything

We check SPF, DKIM, DMARC, and MX records against Gmail 2025, Microsoft 2025, and PCI DSS v4 requirements simultaneously. Results return in under 10 seconds — the same checks an IT consultant would bill $200/hour to do manually.

3

Get Your Actionable Report

Your report shows every issue found, sorted by severity (CRITICAL → HIGH → MEDIUM → LOW), with exact DNS records to copy and paste directly into your domain settings. One page. No interpretation required.

Unlike free checkers, we map every finding to the exact compliance requirement it violates — and generate the precise DNS record you need to fix it.

Risk Calculator

Calculate Your Annual Risk Exposure

Based on IBM’s 2024 Cost of Data Breach report, adjusted for your organization’s size, industry, and email volume.

Company Size
Monthly Email Volume

Estimated Annual Risk

$21,600/year at risk

Based on IBM 2024 average breach cost ($4.88M), email-vector attack share (28%), and your organization profile.

Eliminate this risk for $47. One-time. No subscription.

Scan Your Domain Free
Pricing

Enterprise Diagnostics. Not Enterprise Prices.

What others charge $2,000–$5,000 for as an annual consulting engagement, we deliver in 10 seconds for a one-time fee.

Traditional email security audits: $2,000–$5,000. Enterprise platforms: $525–$6,300/year. InboxAuditHQ:

Quick Fix Guide
$47 one-time

For business owners who need the exact DNS records to add — without the full analysis.

  • Instant domain scan
  • CRITICAL and HIGH priority findings only
  • Exact DNS records to copy and paste
  • Step-by-step instructions for Cloudflare, GoDaddy, Namecheap
  • Delivered instantly via email
  • Full analysis (all severity levels)
  • Compliance certification
  • Priority action roadmap
  • Done-for-you implementation
Get Quick Fix — $47

Instant delivery. No subscription. No expiry.

Most Popular Full Diagnostic Audit
$197 one-time
Save $4,803 vs enterprise audits

For teams that want the complete picture — every issue, every fix, full compliance certification.

  • Everything in Quick Fix Guide
  • All severity levels: CRITICAL · HIGH · MEDIUM · LOW
  • Gmail 2025 compliance status
  • Microsoft 2025 compliance status
  • PCI DSS v4 compliance status
  • Priority action roadmap (numbered fix order)
  • Branded PDF report — share with your IT team or auditor
  • Done-for-you DNS implementation
Get Full Audit — $197

Delivered instantly. Includes compliance certification. Forward to your IT team or auditor.

Done-For-You Setup
$497 one-time

We log into your DNS provider and configure everything ourselves. You verify. Done.

  • Everything in Full Diagnostic Audit
  • We access your DNS (temporary, limited, supervised)
  • We add all required SPF, DKIM, and DMARC records
  • Post-implementation verification scan
  • 24-hour turnaround guaranteed
  • Completion certificate with before/after comparison
Get It Done For Me — $497

Most setups complete within 24 hours. Enterprise audits charge $2,000–$5,000 for the same work.

Zero-Risk Guarantee

If we complete your scan and find zero issues with your domain, you pay nothing. No questions, no forms, no hassle.

We stand behind our scanner because a clean result is a good outcome — you’ve confirmed your domain is protected. Any purchased report that returns a clean scan is fully refunded.

Stay Protected After the Audit

Email authentication degrades. DNS records get changed by accident. New sending tools silently break your SPF record. We check weekly and alert you the moment anything changes — before Gmail catches it first.

Add Monitoring — $49/month

Weekly automated scans · Instant alerts · Monthly summary report. Cancel anytime.

Live Scan Activity

  • ex████████.com — Score: 23/100 — F — 3m ago
  • bu███████.com — Score: 67/100 — D — 8m ago
  • ma███.io — Score: 85/100 — B — 11m ago
  • sh████.co — Score: 12/100 — F — 14m ago
  • ac███████.com — Score: 94/100 — A — 19m ago
FAQ

Frequently Asked Questions

Just your domain name — nothing else. No email, no login, no credit card for the free scan. Type yourdomain.com and click Scan. We look up publicly available DNS records and return results in under 10 seconds. The only thing we ask for optionally: an email address to send you a copy of your results.

Free tools like MXToolbox show raw DNS records — you still have to interpret them. We translate every finding into plain English, map it to the exact compliance requirement it violates (Gmail 2025, Microsoft 2025, PCI DSS v4), and generate the exact DNS fix record. What takes an IT consultant 2 hours to do manually, we return in 10 seconds.

In most cases, yes — if the cause is authentication failures. We check the four factors Gmail and Microsoft use to grade your domain: SPF, DKIM, DMARC, and MX records. If your deliverability problem is authentication-related (75% of cases), fixing these records improves inbox placement within 2–4 weeks. We tell you upfront if your issues are authentication-related or something else.

Yes — that’s our $497 Done-For-You tier. We request temporary, limited access to your DNS provider, add the required records ourselves, and run a post-implementation verification scan. Most setups complete in 24 hours. Traditional email security consultants charge $2,000–$5,000 for this same work. We do it for $497, once, with a guarantee.

We check against: Gmail Sender Requirements (enforced November 2025), Microsoft 365 Email Authentication Requirements (enforced May 2025), PCI DSS v4.0 Section 12.2.2 (effective March 2025), RFC 7208 (SPF), RFC 6376 (DKIM), and RFC 7489 (DMARC). Every finding in your report references the specific standard it violates and links to the official requirement documentation.

Probably, yes. A DMARC record set to p=none — the most common configuration — provides zero protection. It monitors but doesn’t block spoofing. 75% of domains with DMARC have it in monitoring-only mode. Our scan shows whether your configuration actually enforces protection or just reports on attacks after the fact. One scan, 10 seconds, you’ll know for sure.

You pay nothing. If our scan returns a clean result — SPF, DKIM, DMARC, and MX all passing, all three compliance standards met — any paid report you purchased is fully refunded. We don’t charge for confirming you’re protected. That’s our guarantee, and it applies to every tier.

The free scan takes under 10 seconds. Paid reports are delivered instantly — nothing is written by hand, so there’s no wait. The Done-For-You implementation takes up to 24 hours depending on DNS propagation time (typically 15–30 minutes per change, occasionally up to 48 hours for global propagation). We send a confirmation scan once all records are live.

We only look up public DNS records — the same data anyone can see with a free dig command. We never ask for server access or email credentials (except Done-For-You, where access is temporary and limited to the specific records being added). Scan results are stored encrypted and purged after 90 days. We don’t sell or share domain data with third parties.

Yes — $49/month covers weekly automated scans, instant email alerts if anything changes or degrades, and a monthly summary report. One accidental DNS change at your hosting provider can silently break your entire authentication setup. Monitoring catches it before Gmail does. Cancel anytime, no contract.

Your Domain Is Being Tested Right Now.

Gmail, Microsoft, and every spam filter evaluate your email authentication on every single send. Find out your score in 10 seconds — before they downgrade you permanently.

Scan Your Domain Free — 10 Seconds

No signup. No credit card. No installation.