Email Delivery Security Scanner

QUESTIONS AND ANSWERS

What is Domain Scanner?

EasyDMARC Domain Scanner is a complete tool designed to help you identify all possible issues with your domain.
Explanation Tags

The tags and their definitions

TAGTAG DESCRIPTION
v (required)The version tag. is the only allowed value is “spf1”. If it’s incorrect or the tag is missing, the SPF record will be ignored.
ip4This tag should include all the IPv4 addresses that are allowed to send emails on behalf of the domain.
ip6This tag should include all the IPv6 addresses that are allowed to send emails on behalf of the domain.
aThe A record tag allows the SPF to validate the sender by domain name’s IP address. If left unspecified, it takes the value of the current domain.
mxThe MX record tag checks the MX record of the mail server(s). If left unspecified, it takes the value of the current domain.
ptr (Not recommended)The PTR tag prompts a PTR check for client IP hostname(s). It’s a not recommended tag as per RFC 7208, because it spends too many DNS lookups.
existsThe exists tag checks if an A record exists or not on the mentioned domain.
includeThe include tag is of top importance for a correct SPF record. Listing all your sending sources under this tag lets the recipient know that you verify all the aded domains/subdomains as legitimate sources.
all (required)All is a required tag. It should be placed at the end of the SPF record. Depending on the qualifiers used (~, +, -, ?), this mechanism indicates how the recipient should treat emails from non-authorized sources.
Explanation Tags

The tags and their definitions

TAGTAG DESCRIPTION
vThe version tag indicates the version of DKIM, and should always be set on 1.
p (required)The public key tag is a string of characters generated during DKIM setup. Leaving the value empty deems it invalid.
tThis tag lists the flags in a colon-separated sequence. There are two defined flags: y and s. Undefined flags must be ignored.
sThis tag lists record-applicable service types. If the appropriate service type misses, the receiving servers must ignore the tag. Same goes with the unrecognized service types.
hThis tag defines the acceptable hash algorithms. In its default state, it allows all. Unrecognized algorithms must be ignored. The sender is responsible for determining each entry in the list.
kThis is the key type tag with a default value of “rsa”. It’s crucial that both sending and receiving servers support this value.
nThis tag acts like an optional note field for administrators. We recommend that you use this field only if necessary.
Explanation Tags

The tags and their definitions

TAGTAG DESCRIPTION
vThe version tag. The only allowed value is “DMARC1”. If it’s incorrect or the tag is missing, the DMARC record will be ignored.
pThe DMARC policy. Allowed values are “none”, “quarantine”, or “reject”. The default is “none,” which takes no action against non-authenticated emails. It only helps collect DMARC reports and gain insight into your current email flows and their authentication status. “Quarantine” marks the failed emails as suspicious, while “reject” blocks them.
spThe subdomain policy. The subdomain inherits the domain policy tag explained above, unless specifically defined here. Like the domain policy, the allowed values are “none,” “quarantine,” or “reject.” This option isn’t widely used nowadays.
pctThe percentage tag. This tag works on domains with “quarantine” or “reject” policy only. It marks the percentage of failed emails a given policy should be applied to. The rest falls under a lower policy. For example, if “pct=70,” on a domain with “quarantine” policy, it applies only 70% of the time. The remaining 30% goes under “p=none”. Similarly, if “p=reject” and “pct=70,” “reject” applies to the 70% of failed emails, and the 30% go into “quarantine.”
ruaAggregate report sending destination.It’s the “mailto:” URI that ISPs use to send failure reports.The tag is optional. But you need to use it if you wish to receive the reports.
rufForensic (Failure) report sending destination. It’s the “mailto:” URI that ISPs use to send failure reports.The tag is optional. But you need to use it if you wish to receive the reports.
riReporting interval. Marks the frequency of receivied XML reports in seconds. The default is 86400 (once a day). Change the default if you want to adjust the reporting frequency. Regardless of set interval in most cases ISPs may send the reports at different intervals (usually once a day).
aspfThe SPF alignment. This tag follows the alignment between the SPF domain (the sender) and the Header From domain. Allowed values are “r” (relaxed) or “s” (strict). “r” is the default, and allows a partial match, while the “s” tag requires the domains to be exactly the same.
adkimThe DKIM signature alignment. This tag follows the alignment between the DKIM domain and the parent Header From domain. Allowed values are “r” (relaxed) or “s” (strict). “r” is the default, and allows a partial match, while the “s” tag requires the domains to be the exact same.
foForensic reporting options. Allowed values are “0,” “1,” “d,” and “s.” “0” is the default value, which generates a forensic report when both SPF and DKIM fail to produce an aligned pass. If either of the protocol outcome is something other than pass, use “1.” “d” generates a report when DKIM is invalid, while “s” does the same for SPF. Define the ruf tag to receive forensic reports.
Explanation Tags

The tags and their definitions

TAGTAG DESCRIPTION
vThe version tag. The only allowed value is “DMARC1”. If it’s incorrect or the tag is missing, the DMARC record will be ignored.
pThe DMARC policy. Allowed values are “none”, “quarantine”, or “reject”. The default is “none,” which takes no action against non-authenticated emails. It only helps collect DMARC reports and gain insight into your current email flows and their authentication status. “Quarantine” marks the failed emails as suspicious, while “reject” blocks them.
spThe subdomain policy. The subdomain inherits the domain policy tag explained above, unless specifically defined here. Like the domain policy, the allowed values are “none,” “quarantine,” or “reject.” This option isn’t widely used nowadays.
pctThe percentage tag. This tag works on domains with “quarantine” or “reject” policy only. It marks the percentage of failed emails a given policy should be applied to. The rest falls under a lower policy. For example, if “pct=70,” on a domain with “quarantine” policy, it applies only 70% of the time. The remaining 30% goes under “p=none”. Similarly, if “p=reject” and “pct=70,” “reject” applies to the 70% of failed emails, and the 30% go into “quarantine.”
ruaAggregate report sending destination.It’s the “mailto:” URI that ISPs use to send failure reports.The tag is optional. But you need to use it if you wish to receive the reports.
rufForensic (Failure) report sending destination. It’s the “mailto:” URI that ISPs use to send failure reports.The tag is optional. But you need to use it if you wish to receive the reports.
riReporting interval. Marks the frequency of receivied XML reports in seconds. The default is 86400 (once a day). Change the default if you want to adjust the reporting frequency. Regardless of set interval in most cases ISPs may send the reports at different intervals (usually once a day).
aspfThe SPF alignment. This tag follows the alignment between the SPF domain (the sender) and the Header From domain. Allowed values are “r” (relaxed) or “s” (strict). “r” is the default, and allows a partial match, while the “s” tag requires the domains to be exactly the same.
adkimThe DKIM signature alignment. This tag follows the alignment between the DKIM domain and the parent Header From domain. Allowed values are “r” (relaxed) or “s” (strict). “r” is the default, and allows a partial match, while the “s” tag requires the domains to be the exact same.
foForensic reporting options. Allowed values are “0,” “1,” “d,” and “s.” “0” is the default value, which generates a forensic report when both SPF and DKIM fail to produce an aligned pass. If either of the protocol outcome is something other than pass, use “1.” “d” generates a report when DKIM is invalid, while “s” does the same for SPF. Define the ruf tag to receive forensic reports.