Free — No strings attached

Get a Free Email & DNS Security Audit

Identify DMARC, SPF, and DKIM misconfigurations before attackers exploit them. Get a detailed report with remediation steps — delivered in 48 hours.

Detect spoofing & phishing exposure

Verify DMARC, SPF, DKIM, MTA-STS, TLS-RPT

Clear remediation steps — no fluff

Get a Free AuditNo sales pressure. No access required.

Email & DNS Audit Report

acme-corp.com · January 2026

Score: B-

DMARC

Policy set to none — not enforcing

Warning

SPF

12 DNS lookups — exceeds 10 limit

Fail

DKIM

2048-bit RSA, properly aligned

Pass

MTA-STS

No MTA-STS policy found

Missing

TLS-RPT

No TLS-RPT record configured

Missing

3 issues found · 2 critical

Sample report preview

91%

of breaches start with email — Verizon DBIR

48hr

report delivery

credentials needed

100%

external, read-only

Trusted by cloud-native teams across industries

SaaS & Technology

Cloud-Native Startups

SOC 2 Certified Orgs

Regulated Industries

Remote-First Teams

500+

domains audited

24hr

avg. delivery time

98%

find critical issues

4.9/5

audit satisfaction

Why This Matters

Most Organizations Think Email Is Secure. It Isn't.

Email authentication protocols like DMARC, SPF, and DKIM are your first line of defense. But misconfiguration is the norm — not the exception.

Critical

DMARC set to "none"

Monitoring-only mode means spoofed emails still land in inboxes. Your domain can be impersonated with zero resistance.

~80% of domains have DMARC at "none" or no DMARC at all

High

SPF too permissive

Overly broad SPF records allow unauthorized senders to pass validation. Exceeding the 10-lookup limit silently breaks SPF entirely.

SPF lookup overflow is the #1 undetected email config error

Medium

Broken DKIM rotation

Stale or misconfigured DKIM keys weaken message integrity verification. Rotation failures go unnoticed until alignment breaks.

Weak DKIM keys (1024-bit) are vulnerable to brute-force attacks

The result: spoofing, phishing, domain abuse, and failed compliance checks.

These aren't theoretical risks — they're active attack vectors exploited daily against businesses of every size.

Check Your Domain

How It Works

Submit your domain. We do the rest. No meetings, no questionnaires, no setup.

30 sec

Submit Your Domain

Enter your work email and domain. Takes 30 seconds. We don't need any access or credentials.

24-48 hrs

We Run the Audit

Our engineers perform a comprehensive external scan of your email authentication and DNS configuration.

Yours to keep

Get Your Report

Receive a detailed PDF with findings, severity ratings, and step-by-step remediation instructions.

What's Included in the Audit

A thorough, external review of your email authentication and DNS configuration — the same view an attacker has.

DMARC Policy & Alignment

Verify policy mode (none/quarantine/reject), alignment settings, aggregate and forensic reporting, and subdomain policies.

Policy modeAlignmentrua/ruf reporting

SPF Record Validation

Detect overly permissive mechanisms, excessive DNS lookups (10-lookup limit), void lookups, and syntax errors.

Lookup depthMechanismsSyntax validation

DKIM Signing Verification

Validate selector configuration, key strength (RSA/Ed25519), signing alignment, and rotation readiness.

Key strengthSelector configAlignment

MTA-STS & TLS-RPT

Assess MTA-STS policy file, DNS record, enforcement mode, and TLS reporting configuration for transport-layer security.

Policy fileEnforcement modeTLS reporting

DNS Hygiene

Identify dangling CNAME records, stale MX entries, misconfigured PTR records, and configuration drift across zones.

MX recordsCNAME hygienePTR validation

Your Report Includes

Pass/fail status for each protocol
Severity-rated findings
Plain-language risk explanations
Copy-paste DNS record fixes
Priority remediation roadmap

Read-only analysis

No credentials needed

External scan only

Results in 48 hours

Who This Audit Is For

Built for teams that rely on email and need confidence their domain is protected.

Ideal for

Google Workspace users

Ensure Gmail SPF/DKIM defaults are enforced and DMARC is active.

Microsoft 365 users

Validate Exchange Online DNS records and connector authentication.

Cloud-native SMBs

Protect customer-facing domains across multi-cloud environments.

SaaS & tech companies

Prevent domain spoofing that erodes product trust and deliverability.

Compliance-driven orgs

Meet SOC 2, HIPAA, and FedRAMP email authentication requirements.

Not designed for

Enterprise on-premises Exchange without cloud DNS
Internal penetration testing engagements
Parked domains with no active email sending

Unsure? Submit a request and we'll let you know.

Not sure if your email is vulnerable?

That's the point. Most misconfigurations are invisible until they're exploited. The audit takes 30 seconds to request.

Check Your Domain

Why PlatOps Security

We're not a scanning tool that dumps raw output. We're engineers who read the results and tell you exactly what to fix.

Cloud & email security specialists

Email authentication, DNS security, and cloud posture management is all we do. Deep expertise, not a checkbox service.

Practical, engineering-led audits

Every finding comes with copy-paste DNS records and implementation steps. Actionable from day one.

No compliance theater

We test what attackers actually test. Our reports reflect real-world exposure — not a regulatory checklist.

Clear remediation guidance

Specific DNS record changes, priority ordering, and plain-language explanations. Your team can implement without us.

Human-reviewed

Every report is reviewed by a security engineer

48-hour delivery

Most reports delivered within 24 hours of request

Yours to keep

No paywall, no login required to access your report

Request Your Free Audit

Enter your domain and we'll deliver a comprehensive Email & DNS Security Audit within 48 hours.

Your report includes

DMARC, SPF, DKIM pass/fail analysis

MTA-STS and TLS-RPT configuration check

Severity-rated findings with risk context

Copy-paste DNS record remediation steps

Priority-ordered action plan

Read-only

No credentials

48hr delivery

PDF report

Request Your Free Audit

Takes 30 sec

Frequently Asked Questions

Is this really free?

Yes. The Email & DNS Security Audit is completely free with no hidden costs. We provide this as a way to demonstrate our expertise and help organizations understand their email security posture. There's no credit card, no trial period, and no obligation.

Do you need access to our systems?

No. The audit is performed externally using only publicly available DNS records — the same information an attacker would see. We never need credentials, admin access, or internal network access. You just provide your domain name.

How long does it take?

You'll receive your audit report within 48 hours of submitting the request. Most reports are delivered within 24 hours. The report includes specific findings, severity ratings, and step-by-step remediation guidance.

Will you try to sell us something?

We'll send you the report and that's it. If you want help implementing the recommendations, we're available — but there's no follow-up sales cadence, no drip campaigns, and no pressure. The report is yours to keep regardless.

What do we get at the end?

A detailed PDF report covering your DMARC, SPF, DKIM, MTA-STS, and TLS-RPT configuration. Each finding includes a severity rating (Critical/High/Medium/Low), a plain-language explanation of the risk, and concrete remediation steps with DNS record examples.

Need help implementing the fixes?

Our engineers can implement every recommendation from your audit — DMARC enforcement, SPF flattening, DKIM rotation, MTA-STS deployment, and ongoing monitoring. Most configurations are production-ready within days.

Explore Email & DNS Security Services

Find out if your email is vulnerable

Takes 30 seconds. No credentials. No commitment.

Get a Free Audit

No sales pressure. Report delivered to your inbox.