Log in
CaptainDNS

Propagation & diagnostics

Compare resolvers worldwide and inspect returned answers.

Email authentication

Tools to verify and validate your email authentication setup.

SPF syntax validator

Review include chains and DNS query limits before publishing changes.

SPF record inspector

Resolve the published TXT record, flag lookup limits and decode each mechanism.

DKIM syntax validator

Quickly check the syntax of your DKIM records.

DKIM record check

Resolve a selector and analyse the published DKIM TXT record.

DMARC syntax validator

Check rua/ruf destinations, alignment modes and the active policy before publishing.

DMARC record inspector

Resolve the published policy, surface diagnostics and confirm enforcement before switching to reject.

BIMI syntax validator

Validate BIMI tags, the logo fetch and the VMC certificate before publishing.

BIMI record inspector

Resolve the published BIMI record, inspect logo and VMC diagnostics in one place.

Email deliverability audit

Audit MX, SPF, DKIM and DMARC to confirm a domain is ready to send.

Mail header analyzer

Decode participants, authentication results and routing from raw headers.

DMARC record generator

Create compliant DMARC records with all policy and reporting options.

Text

Transform, encode and measure your content in seconds.

Text case converter

Convert any block of text to upper or lower case instantly.

Base64 encoder / decoder

Encode or decode any content in Base64 without leaving the browser.

Slug generator

Transform any sentence into an SEO-friendly slug in seconds.

Word & character counter

Measure the length of any text, with instant word and character counts.

Images

Preview and validate your BIMI logos before publishing.

BIMI logo lookup

Inspect a BIMI logo URL—format, metadata and live rendering—before rollout.

Certificates

Inspect CSRs, BIMI logos and VMC certificates before you deploy.

CSR parser

Inspect a CSR, extract subject details, fingerprints and requested SANs.

VMC inspector

Inspect a Verified Mark Certificate—issuer, validity and SAN coverage—before you publish BIMI.

IP

Look up addresses, owners, reverse records and ranges.

Reverse lookup

Resolve a PTR record and validate DNS consistency.

IP WhoIs

Identify the owner of an IP range and its contacts.

IPv4 netmask

Calculate network, broadcast and usable hosts for any IPv4 block.

My IP address

Detect your IPv4/IPv6 addresses and their geolocation.

Audit your domain before sending email

How to use the deliverability audit

Run a full deliverability audit in seconds: active MX, usable SPF, available DKIM selectors and an enforceable DMARC policy.

Gather the essentials

Provide the From domain, optionally add the bounce domain (return-path) and list the DKIM selectors you rely on so the check covers every path.

Launch the complete scan

The tool queries each record, aggregates diagnostics and separates blocking errors from advisory warnings so you can triage quickly.

Share the root causes

Use the suggested causes and advice to align marketing, security and deliverability teams on the same diagnostic snapshot.

Why use this deliverability audit engine?

Before a campaign or putting a new sender domain into production, verify that the entire authentication chain is published and usable. This form queries DNS, compares responses for the From, Mail From and your DKIM selectors, then classifies the result as ready, degraded or blocked. The report explains what to fix and in what order.

Quick steps

  1. Enter the domain used in the From header.
  2. If the return domain differs, add the Mail From to evaluate the SPF actually verified.
  3. Indicate the DKIM selectors to check, separated by commas, for example google, selector1, brevo2.
  4. Launch Verify and read the summary then the detailed sections.

When to launch the check

  • Before an important send to confirm active MX, usable SPF, present DKIM selectors and readable DMARC.
  • During a deliverability incident to quickly spot the faulty layer: MX, SPF, DKIM or DMARC.
  • After a DNS change to see the real effect and account for caches via TTL.

Understanding the report

MX: reception and signal sent

MX records indicate where your domain accepts mail. Missing or invalid MX records trigger rejections and suggest the domain is not intended for email. If you don't accept messages, publish a null MX 0 . to clarify the intention. Also verify that each MX target resolves to A or AAAA.

SPF: sender authorization

SPF describes which hosts can send on behalf of the domain. The engine validates syntax, counts DNS queries and flags traps: ten lookup limit, obsolete mechanisms like PTR or +all, broken includes, non-existent domains. Simple objective: one SPF per name, clear and under the limit.

DKIM: integrity and identity

DKIM signs the message. The check verifies the presence of the p tag, key length, invalid characters and existence of provided selectors. It alerts on missing or unusable selectors. Take the opportunity to plan key rotation and fix truncated formatting.

DMARC: policy and observability

DMARC links SPF and DKIM to a p policy that applies: none, quarantine or reject. The report highlights adkim and aspf alignment, subdomain policy sp and validity of rua and ruf addresses. Without readable reports, the move to strictness remains blind.

Deepen your deliverability

Deliverability depends on a coherent trio: DNS and sending practice. Combine this audit with CaptainDNS's SPF, DKIM and DMARC validators to test each building block, then document detected causes and applied corrections. Keep track of changes: date, previous value, new value, TTL. You'll save time during future sends as well as during diagnosis.