CaptainDNS hosts your MTA-STS policy and BIMI logo, and monitors your DMARC and TLS-RPT reports automatically. All free, no server required.
Google, Yahoo and Microsoft now require stronger email authentication. Protect your deliverability in just a few clicks.
CaptainDNS hosts your MTA-STS policy and BIMI logo, and monitors your DMARC and TLS-RPT reports automatically. All free, no server required.
Google, Yahoo and Microsoft now require stronger email authentication. Protect your deliverability in just a few clicks.
60% of listed companies score a D or F on email authentication.
Resolve, audit and monitor your DNS records and SPF, DKIM, DMARC, MTA-STS, BIMI and DNSSEC protocols from a single dashboard.
Host your email security policies, get alerts as soon as an anomaly appears and generate shareable reports for your clients.
64+ free tools, 18 resolvers across 4 continents, results in seconds.
Aggregated data since 2025
Measured over the last 12 months
Alerts sent as soon as a difference or latency anomaly is detected
Diagnose your DNS zones and email authentication, host your security policies and monitor everything continuously.
Enter a domain, get a complete verdict on DNS and email authentication. Overall score, identified errors and fixes to apply.
Run an auditMTA-STS, BIMI and DMARC/TLS-RPT monitoring without infrastructure to manage. Activate your policies in a few clicks.
Discover hostingContinuous DNS alerts, aggregated DMARC and TLS-RPT reports, change detection and latency anomalies.
Enable monitoringType your domain name and pick one of the 64+ available tools.
CaptainDNS queries 18 resolvers across 4 continents and analyses your DNS, SPF, DKIM, DMARC, MTA-STS, BIMI and DNSSEC records.
Every issue detected comes with a clear explanation and a ready-to-paste corrected record.
Paste raw email headers and get a detailed report on authentication, delivery path and spam verdict.
Full scan of SPF, DKIM, DMARC, MTA-STS, BIMI, DANE and DNSSEC in a single pass. Overall score, per-protocol verdict and fixes to apply.
Redirect any domain with automatic HTTPS. Define per-path rules (exact, prefix, regex), import via CSV, and track traffic in real time with the analytics dashboard.
Automatic HTTPS
TLS certificates issued and renewed automatically via Let's Encrypt.
SEO Redirect Map
Per-path rules with exact, prefix, or regex matching. CSV import.
Real-time statistics
Hits, unique visitors, 404s, top referrers, countries, and paths.
301 and 302 redirects
Permanent for SEO or temporary for campaigns.
Path forwarding
Preserve URL paths and query strings during redirection.
Apex and subdomains
Root domains via A/AAAA and subdomains via CNAME.
1 600+ listed companies across 16 stock indices, analysed weekly on 8 protocols. 60% score a D or an F.
Protect the sending reputation of your campaigns. Audit deliverability, monitor DMARC and TLS-RPT reports, and spot blockers before your recipients do.
Enable DMARC monitoringHarden email authentication across all your domains. Deploy MTA-STS, DNSSEC and DANE, then continuously monitor DNS changes.
Deploy MTA-STSAudit your clients' domains in seconds. Generate shareable reports and demonstrate the value of every fix.
Analyze a client headerCaptainDNS · March 19, 2026
Since March 15, 2026, the CA/Browser Forum requires CAs to verify DNSSEC during domain validation. This guide covers the context, impact, and how to check your configuration.
CaptainDNS · March 19, 2026
The CA/Browser Forum voted to progressively reduce TLS certificate lifetimes from 398 to 47 days by March 2029. Timeline, rationale, impact, and practical guide.
CaptainDNS · March 18, 2026
DMARCbis replaces RFC 7489, drops the PSL in favor of the DNS Tree Walk, adds three tags and splits reporting into three documents. This guide covers everything: how it works, migration, compliance.
You manage DNS zones, you debug deliverability issues or you secure email authentication for your clients. CaptainDNS gives you answers in seconds, with clear explanations of what needs to change and why.
18 resolvers spread across 4 continents reproduce what your recipients actually see. If a resolver in Frankfurt, Sydney or Montreal gets a different answer, you know immediately.
Stay in control of DNS and deliverability with actionable explanations. Here are the answers to the most common requests.
Send a test email and instantly check SPF, DKIM, DMARC, spam score and inbox placement.
DNS Lookup
Choose a DNS record type to search for.
Propagation & diagnostics
Compare resolvers worldwide and inspect returned answers.
Keep history, monitor your zones and automate recurring checks.
Email Diagnostics
Tools to verify and validate your email authentication setup.
Secure & Monitor
Record generators, policy hosting and continuous monitoring.
Generators
Network & Web
Network tools, web page analysis and certificates.
IP Tools
My IP address
Detect your IPv4/IPv6 addresses and their geolocation.
Reverse lookup
Resolve a PTR record and validate DNS consistency.
IP WhoIs
Identify the owner of an IP range and its contacts.
IPv4 netmask
Calculate network, broadcast and usable hosts for any IPv4 block.
IPv6 subnet calculator
Calculate IPv6 subnets, address ranges and reverse DNS entries.
Certificates & BIMI
BIMI logo lookup
Inspect a BIMI logo URL - format, metadata and live rendering - before rollout.
BIMI SVG converter
Convert any SVG to BIMI-compliant Tiny-PS format in seconds.
CSR parser
Inspect a CSR, extract subject details, fingerprints and requested SANs.
VMC inspector
Inspect a Verified Mark Certificate - issuer, validity and SAN coverage - before you publish BIMI.
Developer Tools
Text utilities and tools for everyday dev work.
Text
Transform and measure your content in seconds.
Text case converter
Convert any block of text to upper or lower case instantly.
Slug generator
Transform any sentence into an SEO-friendly slug in seconds.
Word & character counter
Measure the length of any text, with instant word and character counts.
Password generator
Generate strong random passwords and memorable passphrases instantly.
Developer
Encoding, hashing, regex and formatting for everyday dev work.
Base64 encoder / decoder
Encode or decode any content in Base64 without leaving the browser.
Hash Generator
Compute MD5, SHA-1, SHA-256 and SHA-512 hashes of any text.
URL encoder / decoder
Encode or decode text using percent-encoding (RFC 3986) right in your browser.
Regex Tester
Test a regular expression against text and visualize matches.
JSON / YAML Formatter
Format, validate and convert JSON and YAML in one click.