CaptainDNS · May 4, 2026
Phishing vs spear phishing: what's the difference in 2026?
Phishing targets the masses, spear phishing targets the person. In 2026, AI, OSINT, and deepfakes blur the line. Full breakdown with real cases and defenses.
100% free, no sign-up required
DNS and email security united in a single platform
60% of listed companies score a D or F on email authentication.
Resolve, audit and monitor your DNS records and SPF, DKIM, DMARC, MTA-STS, BIMI and DNSSEC protocols from a single dashboard.
Host your email security policies, get alerts as soon as an anomaly appears and generate shareable reports for your clients.
64+ free tools, 18 resolvers across 4 continents, results in seconds.
Auto-detection - matching tools will appear below
- Domains analysed
- 48K+
Aggregated data since 2025
- Uptime SLA
- 99.99%
Measured over the last 12 months
- SPF/DKIM/DMARC reports generated
- 260K+
- Active monitors
- 8K+
Alerts sent as soon as a difference or latency anomaly is detected
Three pillars, one platform
Diagnose your DNS zones and email authentication, host your security policies and monitor everything continuously.
Diagnose
Enter a domain, get a complete verdict on DNS and email authentication. Overall score, identified errors and fixes to apply.
Run an auditHost
MTA-STS, BIMI and DMARC/TLS-RPT monitoring without infrastructure to manage. Activate your policies in a few clicks.
Discover hostingMonitor
Continuous DNS alerts, aggregated DMARC and TLS-RPT reports, change detection and latency anomalies.
Enable monitoringHow it works
1
Enter your domain
Type your domain name and pick one of the 64+ available tools.
2
Get a full diagnosis
CaptainDNS queries 18 resolvers across 4 continents and analyses your DNS, SPF, DKIM, DMARC, MTA-STS, BIMI and DNSSEC records.
3
Fix with guided recommendations
Every issue detected comes with a clear explanation and a ready-to-paste corrected record.
Simple, transparent pricing
All tools are free. Plans add volume, retention, and API access.
Starter
€23/ mo
- 50 DNS watches
- 25 DMARC domains
- 30 HTTP monitors
- 3 status pages
- 60-day log retention
- 50K API credits
Recommended
Pro
€79/ mo
- 150 DNS watches
- 100 DMARC domains
- 150 HTTP monitors
- 10 status pages
- 120-day log retention
- 500K API credits
Business
€159/ mo
- 500 DNS watches
- 200 DMARC domains
- 250 HTTP monitors
- 40 status pages
- 395-day log retention
- 2M API credits
Featured tools
Monitoring and hosting
Email audit and analysis
Email header analysis
Authentication, routing, filtering: what your email headers reveal
Paste raw email headers and get a detailed report on authentication, delivery path and spam verdict.
- SPF, DKIM and DMARC verdict in one second: pass, fail or missing
- Anti-spam score and signals that trigger filtering
- Full timeline of the delivery path, server by server
- Sending identities, recipients and verified signatures
Deliverability audit
Know your deliverability score before you hit send
Full scan of SPF, DKIM, DMARC, MTA-STS, BIMI, DANE and DNSSEC in a single pass. Overall score, per-protocol verdict and fixes to apply.
- 7 protocols checked in parallel with individual verdicts
- Overall score from 0 to 100 with prioritised recommendations
- MX, TLS and SMTP connectivity verification
- BIMI logo extraction and preview when available
New
Redirect your domains with Redirect Map and analytics
Redirect any domain with automatic HTTPS. Define per-path rules (exact, prefix, regex), import via CSV, and track traffic in real time with the analytics dashboard.
Automatic HTTPS
TLS certificates issued and renewed automatically via Let's Encrypt.
SEO Redirect Map
Per-path rules with exact, prefix, or regex matching. CSV import.
Real-time statistics
Hits, unique visitors, 404s, top referrers, countries, and paths.
301 and 302 redirects
Permanent for SEO or temporary for campaigns.
Path forwarding
Preserve URL paths and query strings during redirection.
Apex and subdomains
Root domains via A/AAAA and subdomains via CNAME.
Observatory
Average email security score of listed companies: 42/100
1 600+ listed companies across 16 stock indices, analysed weekly on 8 protocols. 60% score a D or an F.
- Average score
- 42/100
- Companies analysed
- 1 600+
- Stock indices
- 16
- Scored D or F
- 60%
Built for your team
Marketing and Email Ops
Protect the sending reputation of your campaigns. Audit deliverability, monitor DMARC and TLS-RPT reports, and spot blockers before your recipients do.
Enable DMARC monitoringIT and SRE
Harden email authentication across all your domains. Deploy MTA-STS, DNSSEC and DANE, then continuously monitor DNS changes.
Deploy MTA-STSAgencies and consultants
Audit your clients' domains in seconds. Generate shareable reports and demonstrate the value of every fix.
Analyze a client headerLatest articles
BlogCaptainDNS · April 24, 2026
HSTS: the complete guide to enable Strict-Transport-Security and the preload list
HSTS (RFC 6797) forces browsers to contact your site only over HTTPS. This guide covers the protocol, the directives, per-stack configurations and how to submit to the Chrome preload list.
CaptainDNS · April 21, 2026
Cloudflare Email Service: Email Routing, Security, and DMARC Management explained
Cloudflare now covers 4 email layers: free Email Routing, transactional Email Service (public beta April 2026), anti-phishing Email Security (formerly Area 1), and DMARC Management. Complete guide covering architecture, DNS, Proofpoint/Mimecast comparison, and pricing.
About
Built for the people who fix email problems
You manage DNS zones, you debug deliverability issues or you secure email authentication for your clients. CaptainDNS gives you answers in seconds, with clear explanations of what needs to change and why.
18 resolvers spread across 4 continents reproduce what your recipients actually see. If a resolver in Frankfurt, Sydney or Montreal gets a different answer, you know immediately.
- Global resolvers monitored
- 18
- Uptime over 12 months
- 99.99%
- Languages supported
- 6
- Continents covered
- 4
FAQ
Frequently asked questions
Stay in control of DNS and deliverability with actionable explanations. Here are the answers to the most common requests.
Is CaptainDNS really free?
Yes, all diagnostic tools are free and accessible without signing up. [Paid plans](/pricing) add history, automated exports and priority support.
Do I need technical knowledge to use CaptainDNS?
No. Every result comes with plain-language explanations and step-by-step recommendations. Marketing teams use it just as much as engineers.
Does the DNS lookup run from multiple regions?
Yes, each query runs across 18 resolvers on four continents so you see what your recipients experience.Try a DNS lookup
Can I export my audit results?
Reports and histories download as CSV, JSON and PDF. [Pro plans](/pricing) can also push exports to S3 or BigQuery.
How do monitoring alerts work?
Pick a domain and record type to watch: we automatically query 18 resolvers and notify you by email or webhook as soon as a difference or latency anomaly appears.Set up a monitor
How do you handle oversized SPF records?
SPF Lab calculates lookup counts, highlights cascading includes and suggests safe flattening strategies.Try SPF Flattener
Can I share a saved request?
Yes. Every stored request includes a shareable link with sensitive inputs redacted, and you can turn it into a monitor in one click.
Is there an API?
Absolutely. Every key capability is available through a REST API with token authentication and webhooks for alerts.
Is the platform a good fit for agencies?
Multi-brand organisations are supported with shared access, folders and per-client quotas.View the observatory
Do you offer a free trial?
All tools can be launched for free. [Paid plans](/pricing) unlock history, automated exports and priority support.Explore all 64+ tools
Test your email before your recipients do
Send a test email and instantly check SPF, DKIM, DMARC, spam score and inbox placement.
- Real-time SPF, DKIM and DMARC verdict
- Spam score and spam folder probability
- Results in under 30 seconds