Log in
CaptainDNS

Propagation & diagnostics

Compare resolvers worldwide and inspect returned answers.

Email authentication

Tools to verify and validate your email authentication setup.

SPF syntax validator

Review include chains and DNS query limits before publishing changes.

SPF record inspector

Resolve the published TXT record, flag lookup limits and decode each mechanism.

DKIM syntax validator

Quickly check the syntax of your DKIM records.

DKIM record check

Resolve a selector and analyse the published DKIM TXT record.

DMARC syntax validator

Check rua/ruf destinations, alignment modes and the active policy before publishing.

DMARC record inspector

Resolve the published policy, surface diagnostics and confirm enforcement before switching to reject.

BIMI syntax validator

Validate BIMI tags, the logo fetch and the VMC certificate before publishing.

BIMI record inspector

Resolve the published BIMI record, inspect logo and VMC diagnostics in one place.

Email deliverability audit

Audit MX, SPF, DKIM and DMARC to confirm a domain is ready to send.

Mail header analyzer

Decode participants, authentication results and routing from raw headers.

DMARC record generator

Create compliant DMARC records with all policy and reporting options.

Text

Transform, encode and measure your content in seconds.

Text case converter

Convert any block of text to upper or lower case instantly.

Base64 encoder / decoder

Encode or decode any content in Base64 without leaving the browser.

Slug generator

Transform any sentence into an SEO-friendly slug in seconds.

Word & character counter

Measure the length of any text, with instant word and character counts.

Images

Preview and validate your BIMI logos before publishing.

BIMI logo lookup

Inspect a BIMI logo URL—format, metadata and live rendering—before rollout.

Certificates

Inspect CSRs, BIMI logos and VMC certificates before you deploy.

CSR parser

Inspect a CSR, extract subject details, fingerprints and requested SANs.

VMC inspector

Inspect a Verified Mark Certificate—issuer, validity and SAN coverage—before you publish BIMI.

IP

Look up addresses, owners, reverse records and ranges.

Reverse lookup

Resolve a PTR record and validate DNS consistency.

IP WhoIs

Identify the owner of an IP range and its contacts.

IPv4 netmask

Calculate network, broadcast and usable hosts for any IPv4 block.

My IP address

Detect your IPv4/IPv6 addresses and their geolocation.

Mail header analyzer

Paste the full header block exactly as received. The body is optional.

Paste the headers of a received message to decode the participants, authentication verdicts and routing path.

Decode what actually happened to a message

Email headers are the only reliable trace of a delivery path. They tell you who sent the message, which infrastructure relayed it, and how each security check evaluated the payload. By pasting the raw header block, the analyzer structures the information and highlights the parts that matter: aligned domains, authentication verdicts and forwarding hops.

Participants at a glance

  • Visible identities. The tool gathers From, Sender, Reply-To, To, Cc and Bcc values. You can quickly compare the display names with the underlying addresses and spot spoofing attempts.
  • Return-Path and envelope sender. Seeing the bounce domain alongside the visible From header helps diagnose SPF alignment issues or forwarding loops.
  • Message identifiers. The analyzer extracts the subject, message ID and sending date (normalised to RFC 3339 when possible) for precise ticket references.

Authentication verdicts explained

  • SPF, DKIM, DMARC. Each mechanism is summarised with the evaluated domain, scope or selector and the result returned by the recipient server. Alignment is clearly flagged so you know whether the visible From matches the authenticated identity.
  • Received-SPF trace. When relays add Received-SPF, you can see the evaluated IP, envelope-from and any upstream comment. This is invaluable when third parties forward messages on your behalf.
  • Authentication-Results map. Every Authentication-Results and ARC-Authentication-Results header is parsed into a readable list. The original raw value stays visible for audit trails.

Follow the routing path

  • Received chains. The tool preserves the chronological list of Received and X-Received headers to show every hop, including MTA handovers or Google-specific relays.
  • Forwarding hints. Fields such as Delivered-To, X-Original-To, X-Forwarded-To and Google forwarding indicators highlight aliasing, catch-alls and mailing list flows.

Use the analyzer whenever you review abuse reports, debug alignment failures or document a deliverability incident. Pair it with the DMARC, DKIM and SPF inspectors to correlate the theoretical configuration with real-world behaviour.