Skip to main content
Log in
CaptainDNS

Email Diagnostics

Tools to verify and validate your email authentication setup.

SPF
DKIM
DMARC
DMARCbis
BIMI
MTA-STS
TLS-RPT
DANE / TLSA

Deliverability

Email deliverability auditMail header analyzerEmail testerIP Blacklist CheckerDomain Blacklist CheckerSPF FlattenerDKIM Selector FinderSMTP/MX Tester

Secure & Monitor

Record generators, policy hosting and continuous monitoring.

Network & Web

Network tools, web page analysis and certificates.

IP Tools

My IP address

Detect your IPv4/IPv6 addresses and their geolocation.

Reverse lookup

Resolve a PTR record and validate DNS consistency.

IP WhoIs

Identify the owner of an IP range and its contacts.

IPv4 netmask

Calculate network, broadcast and usable hosts for any IPv4 block.

IPv6 subnet calculator

Calculate IPv6 subnets, address ranges and reverse DNS entries.

Certificates & BIMI

BIMI logo lookup

Inspect a BIMI logo URL - format, metadata and live rendering - before rollout.

BIMI SVG converter

Convert any SVG to BIMI-compliant Tiny-PS format in seconds.

CSR parser

Inspect a CSR, extract subject details, fingerprints and requested SANs.

VMC inspector

Inspect a Verified Mark Certificate - issuer, validity and SAN coverage - before you publish BIMI.

Web

Page size checker

Check if your page exceeds Google's 2 MB crawl limit.

Phishing URL Checker

Check if a URL is flagged as phishing or malware by 4 threat intelligence sources.

Redirect Checker

Analyze HTTP redirect chains

Domain Redirect

Redirect your domains with automatic HTTPS and 301/302 redirects.

HTTP Uptime Monitor

Monitor your sites with scheduled HTTP checks and email alerts.

Status Pages

Publish a public status page grouping your HTTP monitors.

Developer Tools

Text utilities and tools for everyday dev work.

Text

Transform and measure your content in seconds.

Text case converter

Convert any block of text to upper or lower case instantly.

Slug generator

Transform any sentence into an SEO-friendly slug in seconds.

Word & character counter

Measure the length of any text, with instant word and character counts.

Password generator

Generate strong random passwords and memorable passphrases instantly.

Developer

Encoding, hashing, regex and formatting for everyday dev work.

Base64 encoder / decoder

Encode or decode any content in Base64 without leaving the browser.

Hash Generator

Compute MD5, SHA-1, SHA-256 and SHA-512 hashes of any text.

URL encoder / decoder

Encode or decode text using percent-encoding (RFC 3986) right in your browser.

Regex Tester

Test a regular expression against text and visualize matches.

JSON / YAML Formatter

Format, validate and convert JSON and YAML in one click.

🇫🇷 Email Security in France

Weekly audit of email security across 35 listed companies headquartered in France.

35 companies analysed · Scan week: 2026-03-23

  • Listed companies headquartered in France score an average of 53/100 for email authentication and DNS security.
  • 0% of France companies achieve grades A+ or A in email security, while 37% score D or F.
  • This is 11 points above the global average of 42 across all 1601 companies in the observatory.
  • DMARC email authentication is deployed by 97.1% of France companies, with 57.1% enforcing a reject policy to prevent domain spoofing.
  • SPF records are published on 100% of analysed domains, authorizing legitimate email senders.
  • BIMI brand indicator adoption stands at 9% in France.
  • MTA-STS enforced TLS encryption is deployed by 3% of companies, securing inbound email delivery.
  • DNSSEC domain signing is active on 20% of France domains.
  • The highest-scoring company is Schneider Electric with 73/100 (B).
  • Safran trails at 15/100, with significant room for improvement.
  • Scores range from 15 to 73 with a median of 55, showing disparate email security postures across France listed companies.

Average score

53/ 100

DMARC reject

57.1%

BIMI configured

9%

MTA-STS enforce

3%

DNSSEC enabled

20%

0
A+
0
A
3
B
19
C
12
D
1
F

53

Average

55

Median

15

Min

73

Max

Grade
1Schneider Electricse.com73B
2Thalesthalesgroup.com71+2B
3BNP Paribasbnpparibas.com70B
4Vivendivivendi.com67C
5Danonedanone.com67C
6Orangeorange.com66C
7LVMHlvmh.com59C
8Capgeminicapgemini.com59C
9L'Oréalloreal.com59+5C
10Renaultrenaultgroup.com58+3C
11Hermèshermes.com58C
12Air Liquideairliquide.com57C
13TotalEnergiestotalenergies.com56+2C
14Michelinmichelin.com56C
15Unibail-Rodamco-Westfieldurw.com55C
16Dassault Systèmes3ds.com55C
17Saint-Gobainsaint-gobain.com55C
18Bureau Veritasbureauveritas.com55C
19Sanofisanofi.com54C
20Veoliaveolia.com54C
21Carrefourcarrefour.com51C
22Bouyguesbouygues.com51C
23EssilorLuxotticaessilorluxottica.com49D
24Teleperformancetp.com49D
25Vincivinci.com49D
26Engieengie.com48+1D
27Société Généralesocietegenerale.com47D
28Legrandlegrand.com47D
29Pernod Ricardpernod-ricard.com46D
30Keringkering.com44D
31Publicis Groupepublicisgroupe.com42D
32Crédit Agricolecredit-agricole.com40D
33Alstomalstom.com39D
34AXAaxa.com38D
35Safransafran-group.com15F

Understanding country-level analysis

Grouping companies by country reveals how corporate email security practices vary across markets. Countries with stricter regulatory environments or more mature cybersecurity ecosystems tend to show higher average scores.

What this page shows:

  • Average score - The mean email security score across all listed companies in this country
  • Grade distribution - How many companies fall into each grade bracket (A+ through F)
  • DMARC reject rate - The percentage of companies enforcing strict DMARC policies
  • Company table - Individual scores, grades and key indicator status

Key standards tracked

Each company is evaluated on:

  1. SPF - Is the sending policy properly configured? Does it use -all (hard fail)?
  2. DKIM - Are signing keys published and strong enough (2048-bit minimum)?
  3. DMARC - Is a policy in place? Is it set to quarantine or reject?
  4. BIMI - Is the brand logo published for inbox display?
  5. MTA-STS - Is inbound email transport encryption enforced?
  6. DNSSEC - Is the DNS zone signed to prevent spoofing?

FAQ - Frequently asked questions

Q: How are companies grouped by country?

A: Based on the stock exchange where they are listed.

Q: What standards are checked?

A: SPF, DKIM, DMARC, BIMI, MTA-STS, DANE/TLSA and DNSSEC.

Q: Can I compare countries?

A: Yes, via the Statistics page.

PagePurpose
Observatory DashboardOverall overview with key metrics
StatisticsCross-country and cross-sector comparison
Email Domain CheckAudit your own domain