CaptainDNS hosts your MTA-STS policy and BIMI logo, and monitors your DMARC and TLS-RPT reports automatically. All free, no server required.
Google, Yahoo and Microsoft now require stronger email authentication. Protect your deliverability in just a few clicks.
CaptainDNS hosts your MTA-STS policy and BIMI logo, and monitors your DMARC and TLS-RPT reports automatically. All free, no server required.
Google, Yahoo and Microsoft now require stronger email authentication. Protect your deliverability in just a few clicks.
60% of listed companies score a D or F on email authentication.
Resolve, audit and monitor your DNS records and SPF, DKIM, DMARC, MTA-STS, BIMI and DNSSEC protocols from a single dashboard.
Host your email security policies, get alerts as soon as an anomaly appears and generate shareable reports for your clients.
64+ free tools, 18 resolvers across 4 continents, results in seconds.
Auto-detection - matching tools will appear below
Aggregated data since 2025
Measured over the last 12 months
Alerts sent as soon as a difference or latency anomaly is detected
Diagnose your DNS zones and email authentication, host your security policies and monitor everything continuously.
Enter a domain, get a complete verdict on DNS and email authentication. Overall score, identified errors and fixes to apply.
Run an auditMTA-STS, BIMI and DMARC/TLS-RPT monitoring without infrastructure to manage. Activate your policies in a few clicks.
Discover hostingContinuous DNS alerts, aggregated DMARC and TLS-RPT reports, change detection and latency anomalies.
Enable monitoringType your domain name and pick one of the 64+ available tools.
CaptainDNS queries 18 resolvers across 4 continents and analyses your DNS, SPF, DKIM, DMARC, MTA-STS, BIMI and DNSSEC records.
Every issue detected comes with a clear explanation and a ready-to-paste corrected record.
Paste raw email headers and get a detailed report on authentication, delivery path and spam verdict.
Full scan of SPF, DKIM, DMARC, MTA-STS, BIMI, DANE and DNSSEC in a single pass. Overall score, per-protocol verdict and fixes to apply.
Redirect any domain with automatic HTTPS. Define per-path rules (exact, prefix, regex), import via CSV, and track traffic in real time with the analytics dashboard.
Automatic HTTPS
TLS certificates issued and renewed automatically via Let's Encrypt.
SEO Redirect Map
Per-path rules with exact, prefix, or regex matching. CSV import.
Real-time statistics
Hits, unique visitors, 404s, top referrers, countries, and paths.
301 and 302 redirects
Permanent for SEO or temporary for campaigns.
Path forwarding
Preserve URL paths and query strings during redirection.
Apex and subdomains
Root domains via A/AAAA and subdomains via CNAME.
1 600+ listed companies across 16 stock indices, analysed weekly on 8 protocols. 60% score a D or an F.
Protect the sending reputation of your campaigns. Audit deliverability, monitor DMARC and TLS-RPT reports, and spot blockers before your recipients do.
Enable DMARC monitoringHarden email authentication across all your domains. Deploy MTA-STS, DNSSEC and DANE, then continuously monitor DNS changes.
Deploy MTA-STSAudit your clients' domains in seconds. Generate shareable reports and demonstrate the value of every fix.
Analyze a client headerCaptainDNS · March 29, 2026
Every email carries an invisible logbook. This guide teaches you how to extract it, read it field by field, and diagnose deliverability or security issues.
CaptainDNS · March 28, 2026
Your email gateway blocks 99% of threats. But the 1% that gets through is what matters. Here are the 10 header indicators that most filters ignore.
CaptainDNS · March 28, 2026
In January 2026, Microsoft revealed that indirect MX configurations allow attackers to spoof internal identities by bypassing SPF, DKIM, and DMARC.
You manage DNS zones, you debug deliverability issues or you secure email authentication for your clients. CaptainDNS gives you answers in seconds, with clear explanations of what needs to change and why.
18 resolvers spread across 4 continents reproduce what your recipients actually see. If a resolver in Frankfurt, Sydney or Montreal gets a different answer, you know immediately.
Stay in control of DNS and deliverability with actionable explanations. Here are the answers to the most common requests.
Send a test email and instantly check SPF, DKIM, DMARC, spam score and inbox placement.
DNS Lookup
Choose a DNS record type to search for.
Propagation & diagnostics
Compare resolvers worldwide and inspect returned answers.
Keep history, monitor your zones and automate recurring checks.
Email Diagnostics
Tools to verify and validate your email authentication setup.
Secure & Monitor
Record generators, policy hosting and continuous monitoring.
Generators
Network & Web
Network tools, web page analysis and certificates.
IP Tools
My IP address
Detect your IPv4/IPv6 addresses and their geolocation.
Reverse lookup
Resolve a PTR record and validate DNS consistency.
IP WhoIs
Identify the owner of an IP range and its contacts.
IPv4 netmask
Calculate network, broadcast and usable hosts for any IPv4 block.
IPv6 subnet calculator
Calculate IPv6 subnets, address ranges and reverse DNS entries.
Certificates & BIMI
BIMI logo lookup
Inspect a BIMI logo URL - format, metadata and live rendering - before rollout.
BIMI SVG converter
Convert any SVG to BIMI-compliant Tiny-PS format in seconds.
CSR parser
Inspect a CSR, extract subject details, fingerprints and requested SANs.
VMC inspector
Inspect a Verified Mark Certificate - issuer, validity and SAN coverage - before you publish BIMI.
Developer Tools
Text utilities and tools for everyday dev work.
Text
Transform and measure your content in seconds.
Text case converter
Convert any block of text to upper or lower case instantly.
Slug generator
Transform any sentence into an SEO-friendly slug in seconds.
Word & character counter
Measure the length of any text, with instant word and character counts.
Password generator
Generate strong random passwords and memorable passphrases instantly.
Developer
Encoding, hashing, regex and formatting for everyday dev work.
Base64 encoder / decoder
Encode or decode any content in Base64 without leaving the browser.
Hash Generator
Compute MD5, SHA-1, SHA-256 and SHA-512 hashes of any text.
URL encoder / decoder
Encode or decode text using percent-encoding (RFC 3986) right in your browser.
Regex Tester
Test a regular expression against text and visualize matches.
JSON / YAML Formatter
Format, validate and convert JSON and YAML in one click.