Lookup Tools
Generator Tools
PowerTool
Select the lookup type from the left drop-down, then enter a domain, IP address, or a hostname in the second field. Read about the Lookup types below
Enter the DKIM record selectors
Auto-Detect Selector
Please enter a valid domain name, without http:// prefix
What is PowerTool?
This tool allows you to lookup and find errors in your domain’s SPF,DMARC,DKIM,BIMI,MTA-STS,TLS-RPT,NS,MX DNS records all from one place. It also allows you to look up your domain’s whois information and your IP addresses’ blacklisting status, PTR DNS records and FCrDNS check results.
No Records Found
DMARC Status
This record has been correctly setup
This DMARC record is invalid
Record Checks
| Valid DMARC record | |
| DMARC policy | |
| Aggregate Report (RUA) addresses | |
| Forensic Report (RUF) addresses | |
| Error Details | |
| Warning |
Tags Found
| Tag | Value | Description |
|---|---|---|
| v | DMARC Version | |
| p | DMARC policy | |
| pct | Percentage of emails to which the DMARC policy will be applied | |
| rua | Aggregate (RUA) reports URI(s) | |
| ruf | Aggregate (RUF) report URI(s) | |
| fo | The FO tag pertains to how forensic reports are created and presented to DMARC users. | |
| aspf | SPF alignment mode | |
| adkim | DKIM alignment mode | |
| rf | Format of failure reports | |
| ri | The ri tag corresponds to the aggregate reporting interval and provides DMARC feedback for the outlined criteria. | |
| sp | This tag represents the requested handling policy for subdomains. |
SPF Status
Record Checks
| Valid SPF record | |
| Failure Mode | |
| DNS Lookups below 10 | /10 |
| Void Lookups below 2 | /2 |
| Error Details | |
| Warning |
Tags Found
| Tag | Value | Description |
|---|---|---|
| v | v = spf1 Record version | |
| +ip4 | Allow the listed IPv4 addresses | |
| +ip6 | Allow the listed IPv6 addresses | |
| +include | Check the SPF record of the listed domain for a matching IP address | |
| +a | Allow the IP addresses listed in the domain’s A record | |
| +mx | Allow the IP addresses of the domain’s MX hosts | |
| +ptr | Allow the IP addresses of the domain’s PTR hosts | |
| +exist | SPF passes if an A record lookup of the listed domain returns a valid result | |
| +redirected | Replace the current SPF record with that of the listed domain | |
| -/~/? | Apply a hardfail/softail/neutral result if no other mechanisms match |
DKIM Status
No Records Found
BIMI Status
Your logo will be displayed here.
| Valid MTA-STS record | No |
| Accessible MTA-STS Policy file | No |
| Valid TLS-RPT record | No |
MTA-STS & TLS-RPT have not been enabled for your domain. Enable them in less than 5 minutes by leveraging our hosted PowerMTA-STS feature (Learn more)
Hosted MTA-STS & TLS-RPT have not been enabled for your domain. Enable them in less than 5 minutes by leveraging our hosted PowerMTA-STS feature. Learn more
The following MTA-STS DNS TXT record was found for
The following TLS-RPT DNS TXT record was found for
| Valid TLS-RPT DNS record | ||
| Hosted TLS-RPT | Yes |
Disabled
|
| Aggregate Report (RUA) email addresses | No | |
| Error Details |
| Nameserver | IP Address | Organization Name |
| Preference | Hostname | IP Address | Organization Name |
| IP Address | TTL |
| IP Address | TTL |
| Content | TTL |
| Canonical Name | TTL |
| Primary name server | Responsible mail addr | Serial | Refresh | Retry | Expire | Default TTL |
FCrDNS Status
Found on blocklists
| Status | Blocklist |
Ip address is not listed in any known blocklist host
| IP Address | Domain Name |
Lookup Types
| Command | Explanation |
|---|---|
| DMARC: | Lookup your domain’s DMARC record by selecting “DMARC” from the menu or typing “dmarc: domain.com” in the input field |
| SPF: | Lookup your domain’s SPF record by selecting “SPF” from the menu or typing “spf: domain.com” in the input field |
| DKIM: | Lookup your domain’s DKIM record by selecting “DKIM” from the menu and specifying the selector and domain in the respective fields |
| BIMI: | Lookup your domain’s BIMI record by selecting “BIMI” from the menu or typing “bimi: domain.com” in the input field |
| MTA-STS/TLS-RPT: | Lookup your domain’s MTA-STS and TLS-RPT records by selecting “MTA-STS/TLS-RPT” from the menu or typing “mta-sts: domain.com” in the input field |
| Blocklisting: | Find your IP addresse’s blocklisting information by selecting “Blocklist” from the menu or typing “blocklist: 1.1.1.1” in the input field |
| Whois: | Find your domain’s WHOIS information by selecting “whois” from the menu or typing “whois: domain.com” in the input field |
| PTR: | Lookup your IP address PTR DNS record by selecting “PTR” from the menu or typing “PTR: 1.1.1.1” in the input field |
| NS: | Lookup your domain’s NS DNS records by selecting “NS” from the menu or typing “ns: domain.com” in the input field |
| MX: | Lookup your domain’s MX DNS records by selecting “MX” from the menu or typing “mx: domain.com” in the input field |
| A: | Lookup your domain’s A DNS records by selecting “A” from the menu or typing “a: domain.com” in the input field |
| AAAA: | Lookup your domain’s AAAA DNS records by selecting “AAAA” from the menu or typing “aaaa: domain.com” in the input field |
| TXT: | Lookup your domain’s txt DNS records by selecting “TXT” from the menu or typing “txt: domain.com” in the input field |
| CNAME: | Lookup your domain’s CNAME DNS records by selecting “CNAME” from the menu or typing “cname: domain.com” in the input field |
| SOA: | Lookup your domain’s SOA DNS records by selecting “SOA” from the menu or typing “soa: domain.com” in the input field |
| FCRDNS: | Perform an FCrDNS check on your IP address by selecting “FCrDNS” from the menu or typing “fcrdns: 1.1.1.1” in the input field |
Checker
Lookup
Lookup
Lookup
Record Lookup
Checker
Checker
Checker
Checker
Checker
Checker
Checker
Checker
Checker
Checker
Checker
DMARC Record Checker
Use this tool to lookup and validate your DMARC record.
What is DMARC?
DMARC (Domain-based Message Authentication, Reporting and Conformance), is an email authentication standard, policy, and reporting protocol. It builds on the widely deployed SPF & DKIM protocols and is the only way for email senders to tell email receivers that the emails they are sending are truly from them. Using DMARC enables senders to publish a policy on how email servers should react on inauthentic messages.DMARC Status
This record has been correctly setup
This DMARC record is invalid
Record Checks
| Valid DMARC record | |
| DMARC policy | |
| Aggregate Report (RUA) addresses | |
| Forensic Report (RUF) addresses | |
| Error Details |
Tags Found
| Tag | Value | Description |
|---|---|---|
| v | DMARC Version | |
| p | DMARC policy | |
| pct | Percentage of emails to which the DMARC policy will be applied | |
| rua | Aggregate (RUA) reports URI(s) | |
| ruf | Aggregate (RUF) report URI(s) | |
| fo | The FO tag pertains to how forensic reports are created and presented to DMARC users. | |
| aspf | SPF alignment mode | |
| adkim | DKIM alignment mode | |
| rf | Format of failure reports | |
| ri | The ri tag corresponds to the aggregate reporting interval and provides DMARC feedback for the outlined criteria. | |
| sp | This tag represents the requested handling policy for subdomains. |
SPF Record Checker
Use this tool to lookup and validate your SPF record.
What is SPF?
Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain\'s administratorsSPF Status
Record Checks
| Valid SPF record | |
| Failure Mode | |
| DNS Lookups below 10 | /10 |
| Void Lookups below 2 | /2 |
| Error Details | |
| Warning |
Tags Found
| Tag | Value | Description |
|---|---|---|
| v | v = spf1 Record version | |
| +ip4 | Allow the listed IPv4 addresses | |
| +ip6 | Allow the listed IPv6 addresses | |
| +include | Check the SPF record of the listed domain for a matching IP address | |
| +a | Allow the IP addresses listed in the domain’s A record | |
| +mx | Allow the IP addresses of the domain’s MX hosts | |
| +ptr | Allow the IP addresses of the domain’s PTR hosts | |
| +exist | SPF passes if an A record lookup of the listed domain returns a valid result | |
| +redirected | Replace the current SPF record with that of the listed domain | |
| -/~/? | Apply a hardfail/softail/neutral result if no other mechanisms match |
DKIM Record Checker
DKIM Record Lookup
By enabling it the system will detect and fetch the DKIM selectors
Domain
Selector
Enter the DKIM record selectors
Auto-Detect Selector
What is DKIM?
DKIM (DomainKeys Identified Mail) allows senders to associate a domain name with an email message, thus vouching for its authenticity. This is done by "signing" the email with a digital signature, a field that is added to the message\'s header. The recipient MTA can verify the DKIM signature, which gives users some security knowing that the email did actually originate from the listed domain, and that it has not been modified since it was sent.DKIM Status
No Records Found
DKIM Status
Record Checks
| Valid DKIM record | |
| Public Key Found | |
| Key Algorithm | |
| Error Details | |
| Warning |
Tags Found
| Tag | Value | Description |
|---|---|---|
| v | Version | |
| g | Granularity of the key | |
| h | DKIM hash algorithm | |
| k | DKIM key type | |
| n | Notes | |
| p | Public Key | |
| s | Service type | |
| t | Flag |
FCrDNS Record Checker
Use this tool to lookup your FCrDNS record.
What is FCrDNS?
Forward Confirmed Reverse DNS FCrDNS is a DNS technical configuration that shows a relationship exists between an IP address and a hostname. By having FCrDNS, you prove that your IP address is using a sending domain that you own. This relationship provides a form of authentication that some mailbox providers use in their spam filter methodology.FCrDNS Status
Blocklist Record Checker
Use this tool to lookup your blocklist record.
What is Blocklist?
IP blocklisting is a method used to filter out illegitimate or malicious IP addresses from accessing your networks. Blocklists are lists containing ranges of or individual IP addresses that you want to block.
Found on blocklists
| Status | Blocklist |
Ip address is not listed in any known blocklist host
BIMI Record Lookup
Use this tool to lookup and validate your BIMI record.
What is BIMI?
BIMI, or Brand Indicators for Message Identification, is a new standard created to make it easier to get your logo displayed next to your message in the inbox. Not only will this help your visibility, but BIMI is designed to prevent fraudulent emails and aid deliverability, too.BIMI Status
Your logo will be displayed here.
MTA-STS/TLS-RPT Record Lookup
Use this tool to lookup and validate your MTA-STS/TLS-RPT record.
What is MTA-STS/TLS-RPT?
Mail Transfer Agent-Strict Transport Security (MTA-STS) is a protocol that makes it mandatory for any outgoing email from the domain to be TLS encrypted before being delivered to the recipient. Transport Layer Security Reporting is a protocol used alongside MTA-STS that enables the domain owner to receive reports with information on emails that failed to be delivered because the receiving server didn’t support TLS encryption.| Valid MTA-STS record | No |
| Accessible MTA-STS Policy file | No |
| Valid TLS-RPT record | No |
MTA-STS & TLS-RPT have not been enabled for your domain. Enable them in less than 5 minutes by leveraging our hosted PowerMTA-STS feature (Learn more)
The following MTA-STS DNS TXT record was found for
| Valid MTA-STS DNS record | ||
| Accessible MTA-STS Policy file | ||
| Policy file URL | ||
| Hosted MTA-STS | Yes |
Disabled
|
| Mode | N/A Testing Enforce None | |
| MX | No | |
| Error Details |
Hosted MTA-STS & TLS-RPT have not been enabled for your domain. Enable them in less than 5 minutes by leveraging our hosted PowerMTA-STS feature. Learn more
The following TLS-RPT DNS TXT record was found for
| Valid TLS-RPT DNS record | ||
| Hosted TLS-RPT | Yes |
Disabled
|
| Aggregate Report (RUA) email addresses | No | |
| Error Details |
MX Record Checker
Use this tool to lookup and validate your mx record.
| Preference | Nameserver | IP Address | Organization Name |
What is MX?
MX is the short name for "Mail Exchanger", this is the type of DNS (Domain Name System) record. DNS is the key to a service for a domain. The mail server that sends an email message looks up for MX records for destination domain to find destination mail sever.
A Record Checker
Use this tool to lookup and validate your "a" record.
| IP Address | TTL |
What is A?
An A record is the most basic type of DNS record you can create for your website, and it's used to map a hostname (like "example.com") to an IP address.When your visitors type in a URL like example.com into their browser, their computer sends a request to the DNS server that holds your domain's records. That server will then consult its A records to find out where example.com lives on the internet—that is, which hostname maps to which IP address. Once they know that information, they send back an answer letting the visitor's browser know where to go next.
AAAA Record Checker
Use this tool to lookup and validate your "aaaa" record.
| IP Address | TTL |
What is AAAA?
AAAA records are a type of DNS record that can be used to direct your domain to the IPv6 address (the next major version of the Internet Protocol (IP), which all devices use to communicate with one another on the internet) of a server. It's important to set up AAAA records if you want people who visit your website via IPv6 to be able to connect with it. This makes it easy to route traffic directly to your website.
TXT Record Checker
Use this tool to lookup and validate your "txt" record.
| Content | TTL |
What is TXT?
A TXT record is a text-based resource record that can be added to your domain name system. A TXT record can be used to add additional information about your domain in a human-readable format, such as defining the origin of an email address or the location of a server hosting a website, email spam prevention, domain ownership verification, and the implementation of email authentication protocols like SPF, DKIM, and DMARC.
CNAME Record Checker
Use this tool to lookup and validate your "cname" record.
| Canonical Name | TTL |
What is CNAME?
A CNAME record is an alias that points to another web address. It's what you use when you want to redirect traffic from one website to another. CNAME stands for Canonical Name, and it's a type of DNS resource record that works together with an A record to map a domain name.The most common use case for CNAME records is when you want to redirect your website's URL or use it to host multiple sites on the same server.
SOA Record Checker
Use this tool to lookup and validate your "soa" record.
| Primary name server | Responsible mail addr | Serial | Refresh | Retry | Expire | Default TTL |
What is SOA?
SOA stands for Start of Authority. It's a DNS record that tells the domain name server (DNS) which DNS servers are responsible for your domain.The SOA record contains information about your domain, including the primary email address of your administrative contact and the hostname of the primary server for your domain.
NS Record Checker
Use this tool to lookup and validate your ns record.
| Nameserver | IP Address | Organization Name |
What is NS?
A name server refers to the server component of the Domain Name System (DNS), one of the two principal namespaces of the Internet. The most important function of DNS servers is the translation (resolution) of human-memorable domain names (example.com) and hostnames into the corresponding numeric Internet Protocol (IP) addresses (93.184.216.34), the second principal name space of the Internet which is used to identify and locate computer systems and resources on the Internet.Although it is typically used in reference to DNS, the term name server may also be used for any computer application that implements a network service for providing responses to queries against a directory service which translates an often humanly meaningful, text-based identifier to a system-internal, often numeric identification or addressing component. This service is performed by the server in response to a service protocol request.
Whois Checker
Use this tool to lookup your Whois record.
What is Whois?
Whois is a widely used Internet record listing that identifies who owns a domain and how to get in contact with them. The Internet Corporation for Assigned Names and Numbers (ICANN) regulates domain name registration and ownership. Whois records have proven to be extremely useful and have developed into an essential resource for maintaining the integrity of the domain name registration and website ownership process.
PTR Checker
Use this tool to lookup your PTR record.
What is PTR?
Pointer records (PTR records) are one of the records used by the domain name system (DNS), which acts as a directory for the internet. While DNS typically uses domain names to locate IP addresses, reverse DNS does the opposite with the help of PTR records.| IP Address | Hostname |
Generator
Generator
Generator
Generator
Converter
Generator
DMARC Record Generator
GENERATE DMARC DNS RECORD
DMARC DNS RECORD
This tool generates a DMARC record you can publish to your DNS. Once this record is published, a daily report will be sent to a unique email address that matches your account. The data contained within this report is then processed and displayed on your dashboard. You can also have forensic emails forwarded to another unique email address.Please publish the following DNS TXT Record on the subdomain _dmarc.YOURDOMAIN.com
Record Type : TXT
Host : _dmarc
Use this tool to generate your SPF record.
Warning: missing "all" tag, which is equal to "?all" (neutral), please use "-all" for maximum security!
Please publish the following DNS TXT record on your domain’s DNS
Record Type : TXT
Host : @
Value:
DKIM Record Generator
Private key
You must enter this key in your DKIM signer. It must be kept secret, as anyone with access to it can stamp tokens pretending to be you
Generated DKIM Record
Please publish the DNS TXT record below on the subdomainThe Generated Public Key is using PEM format and can be published directly on the DNS
BIMI Record Generator
Your logo will be displayed here.
How do I make sure my logo is displayed in supported inboxes? Check out our BIMI Implementation Guide
Please publish the following BIMI record on your DNS
| Type | Host | Value |
| TXT |
|
|
Generate TLS-RPT Record
What is TLS-RPT?
When you implement TLS Reporting, you’ll get daily aggregate reports with information on emails that don't get encrypted and fail to deliver. Our free TLS-RPT Record Generator creates a TXT record you can publish on your DNS. Get constant reports about the status of email in your domain in one simple step.
Please publish the following TLS-RPT record on your DNS
| Type | Host | Value |
| TXT |
|
|
BIMI SVG Logo Convertor
What is BIMI SVG Logo Converter?
The uploaded file must be SVG format.
*
Brand Indicators for Message Identification (BIMI) is a cybersecurity standard that attaches a the logo of a brand next to all DMARC-authenticated emails in the inbox so it’s instantly recognizable.
No records found
Any text as spf content
This is any error
Knowledge
What is Email Authentication?
What is DMARC?
What is DMARC Policy?
What is SPF?
What is DKIM?
What is BIMI?
What is MTA-STS?
What is TLS-RPT?
What is RUA?
What is RUF?
AntiSpam vs DMARC
DMARC Alignment
DMARC Compliance
DMARC Enforcement
BIMI Implementation Guide
Permerror
MTA-STS & TLS-RPT Implementation Guide
Tools
Free DMARC Record Generator
Free DMARC Record Checker
Free SPF Record Generator
Free SPF Record Lookup
Free DKIM Record Generator
Free DKIM Record Lookup
Free BIMI Record Generator
Free BIMI Record Lookup
Free FCrDNS Record Lookup
Free TLS-RPT Record Checker
Free MTA-STS Record Checker
Free TLS-RPT Record Generator