Mimecast DMARC Analyzer offers a free SPF validator that allows a user to immediately receive a report that displays their DNS record.
Sender Policy Framework (SPF) is an email authentication protocol for authenticating email that allows the owners of a domain to publish information that receiving mail servers can check to determine when an email may be forged. But performing an SPF check is only helpful when a domain's SPF record is valid.
Mimecast DMARC Analyzer offers a free SPF validator. By entering your domain into Mimecast's SPF validator, you can immediately receive a report that displays your DNS record and parses your SPF record to identify any potential issues. The Mimecast SPF validator can also pre-validate and update before it is applied to a record to prevent post-update issues. Testing potential updates with an SPF validator is strongly recommended before applying updates to the DNS record.
Try Mimecast's SPF validator now
SPF email authentication helps to identify and block illegitimate email by enabling domain owners to publish a list of authorized mail servers. This information appears in an SPF record, a line of text within their DNS record. A receiving mail server can use this information to perform an SPF test, comparing the IP address of inbound email to the addresses listed in the SPF record. If the addresses don't match, the email fails to authenticate and can be blocked or quarantined.
The drawback of SPF is that it doesn't catch all threats. It breaks when an email is forwarded, and it can't detect email where attackers have spoofed only the "from" address that recipients see at the top of the message. Also, to be effective, SPF records must be continuously updated with accurate information about authorized mail servers. When this task isn't completed, SPF becomes ineffective.
DMARC (Domain-based Message Authentication, Reporting & Conformance) offers improvements over SPF as well as the DKIM protocol. DMARC actually builds on both protocols, requiring that email pass either or both authentication tests. DMARC also requires that the "from" address is aligned with other address information in the email, and it instructs receiving mail servers on what to do with messages that don't authenticate.
While DMARC significantly improves the level of email security, it can also be difficult to deploy and complicated to manage. That's why so many organizations seeking to implement DMARC choose Mimecast DMARC Analyzer.
Mimecast DMARC Analyzer reduces the time and complexity of implementing DMARC authentication. As a 100% SaaS solution, DMARC Analyzer delivers full insight, visibility and governance across all email channels, enabling you to implement a DMARC reject policy while making sure legitimate email does not get blocked.
DMARC Analyzer offers self-service email intelligence for implementing DMARC policy quickly and easily on the gateway. In contrast to other DMARC solutions that tend to require professional services for successful implementation and management, DMARC Analyzer is designed for simple and effective self-service.
DMARC Analyzer can help stop email spoofing based on the illegitimate use of a real domain name. To defend against malware-less attacks that use domain similarity – where a fraudulent domain is almost identical to a legitimate domain – Mimecast offers Impersonation Protect.
Mimecast Impersonation Protect scans all inbound emails in real time to spot the typical signs of impersonation attacks: anomalies in the header, domains that are similar to legitimate domain, domains that have been recently registered, suspicious content in the body of emails and international character sets often used in these kind of attacks.
Additional Mimecast email security solutions include:
SPF (Sender Policy Framework) is an email authentication protocol used by many companies to help prevent domain spoofing. SPF enables the owner of a domain to publish information in the DNS record about which IP addresses are authorized to send email for the domain.
An SPF record is a line of text in the DNS record that stipulates which mail servers or IP addresses are authorized to send mail. When a mail server receives an email, it can check the SPF record to see if the IP addresses in the email header match the IP addresses in the DNS record, indicating that the message is authentic.
An SPF validator is a diagnostic test for determining whether an SPF record is valid. When you enter a domain into an SPF validator, it will perform an SPF record check to look up the record and display it, and run a number of tests to see if there are any issues with the syntax of the record or the data in it that might cause problems for email delivery. Mimecast DMARC Analyzer offers a free SPF validator, along with tools for a free DKIM record check and a free DMARC record check.