Available at suped.com/domain-health-checker.
Run a comprehensive DNS audit of any domain's email authentication setup. The checker examines your SPF, DKIM, and DMARC records and produces a health score from 0 to 100 with a letter grade.
Scoring breakdown
The score is split into three equal categories, each worth up to 33 points.
DMARC (33 points)
- Has Suped listed as a report recipient
- Policy is
quarantineorreject - Subdomain policy (
sp) is set
SPF (33 points)
- Record is under 450 bytes
- 10 or fewer DNS lookups
DKIM (33 points)
Averaged across all selectors found:
- RSA encryption algorithm
- SHA-256 hashing algorithm
- Not in testing mode
- Key length of 2048 bits or more
Grade thresholds
| Score | Grade |
|---|---|
| 90-100 | A |
| 80-89 | B |
| 70-79 | C |
| Below 70 | D |
DKIM selector detection
Suped checks 50+ common DKIM selectors including google, s, s1, s2, key1, dkim, selector1, selector2, and many more. This means you get DKIM results even without specifying your selectors.
For a detailed breakdown of how scoring works, see Domain health scoring.
