🔐

Email Security Check

Comprehensive email security audit — SPF, DMARC, DKIM, MTA-STS, TLS-RPT, BIMI.

GET 1 credit /v1/email/security
curl "https://email.toolkitapi.io/v1/email/security?domain=toolkitapi.io"
import httpx

resp = httpx.get(
    "https://email.toolkitapi.io/v1/email/security?domain=toolkitapi.io",
)
print(resp.json())
const resp = await fetch("https://email.toolkitapi.io/v1/email/security?domain=toolkitapi.io", {
});
const data = await resp.json();
console.log(data);
# See curl example
Response 200 OK
{
  "domain": "toolkitapi.io",
  "score": 70,
  "grade": "C",
  "checks": [
    {"protocol": "SPF", "found": true, "valid": true, "value": "v=spf1 include:_spf.google.com ~all", "detail": "SPF record found and valid"},
    {"protocol": "DMARC", "found": true, "valid": true, "value": "v=DMARC1; p=none; rua=mailto:[email protected]", "detail": "DMARC found but policy is none"},
    {"protocol": "DKIM", "found": false, "valid": false, "value": null, "detail": "No DKIM record found at default selector"},
    {"protocol": "MTA-STS", "found": false, "valid": false, "value": null, "detail": "No MTA-STS policy found"},
    {"protocol": "TLS-RPT", "found": false, "valid": false, "value": null, "detail": "No TLS-RPT record found"},
    {"protocol": "BIMI", "found": false, "valid": false, "value": null, "detail": "No BIMI record found"}
  ],
  "query_time_ms": 189.3
}

Try It Live

Live Demo

Description

Comprehensive email security audit — SPF, DMARC, DKIM, MTA-STS, TLS-RPT, BIMI.

How to Use

1

1. Pass the domain in the `domain` parameter. 2. Review the `grade` for a quick assessment and `checks` for protocol-by-protocol details. 3. Fix issues starting with the lowest-scoring protocols.

About This Tool

Email Security Check runs a comprehensive audit of a domain's email authentication and security posture. It checks SPF, DMARC, DKIM (common selectors), MTA-STS, TLS-RPT, and BIMI, returning a score (0-100) and letter grade with detailed findings for each protocol.

Why Use This Tool

Frequently Asked Questions

Which DKIM selectors are checked?
Common selectors including `default`, `google`, `selector1`, `selector2`, `k1`, and others. Custom selectors not in this list won't be detected.
What score gets an A grade?
90-100 typically earns an A. Having SPF, DMARC (with quarantine/reject), and DKIM all valid is the minimum for a high score.

Start using Email Security Check now

Get your free API key and make your first request in under a minute.