Pricing

$1.00 / 1,000 domain validations

Go to Apify Store

DMARC, SPF & DKIM Validator

Try for free

Validate email authentication DNS records to prevent spoofing and ensure high email deliverability for your domains.

Pricing

$1.00 / 1,000 domain validations

Rating

0.0

(0)

Developer

Andok

Actor stats

Bookmarked

Total users

Monthly active users

16 days ago

Last modified

DMARC / SPF / DKIM Validator

Audit email authentication DNS records for any domain to catch deliverability killers and compliance gaps. Missing or misconfigured SPF, DMARC, and DKIM records cause emails to land in spam, fail authentication checks, and leave domains open to spoofing. Validate hundreds of domains in bulk with structured results that flag every issue.

Features

Three-protocol coverage — validates SPF, DMARC, and DKIM records in a single run
Bulk domain processing — scan hundreds of sender domains with configurable concurrency
DKIM selector scanning — checks common selectors (default, selector1, selector2, google, mail, smtp) with support for custom lists
Issue detection — flags missing records, syntax errors, overly permissive policies, and DNS lookup limits
DMARC policy parsing — extracts policy, subdomain policy, percentage, and reporting URIs
SPF validation — checks syntax, mechanism order, and estimates DNS lookup count
Raw record inclusion — optionally include full DNS TXT records for debugging
Charge limit support — respects the Apify max charge per run to control costs

Input

Field	Type	Required	Default	Description
`domains`	`array`	No	`["google.com"]`	List of domains to validate email authentication records for
`domain`	`string`	No	—	Single domain to validate (backwards compatible, use `domains` for bulk)
`dkimSelectors`	`array`	No	`["default", "selector1", ...]`	DKIM selectors to check. The actor tries each selector until a valid one is found
`stopAfterFirstValidDkim`	`boolean`	No	`true`	Stop checking DKIM selectors after finding the first valid one to save DNS queries
`timeoutSeconds`	`integer`	No	`8`	DNS query timeout in seconds per lookup (1-60)
`concurrency`	`integer`	No	`5`	Number of domains to process in parallel (1-25)
`includeRawRecords`	`boolean`	No	`true`	Include raw DNS TXT record strings in the output for debugging

Input Example

{
  "domains": ["example.com", "newsletter.example.com"],
  "dkimSelectors": ["default", "selector1", "selector2", "google", "mailchimp"],
  "stopAfterFirstValidDkim": true,
  "includeRawRecords": true
}

Output

Each domain produces one dataset item with detailed SPF, DMARC, and DKIM validation results.

Key fields:

domain (string) — the domain that was validated
hasSpf / spfValid (boolean) — whether an SPF record exists and passes validation
hasDmarc / dmarcPolicy (boolean / string) — whether DMARC exists and its enforcement policy
hasDkim / dkimValidSelectors (boolean / array) — whether valid DKIM records were found and which selectors
spf (object) — full SPF analysis with record, validity, mechanisms, and issues
dmarc (object) — full DMARC analysis with policy, reporting URIs, and issues
dkim (object) — per-selector DKIM results with validity status
issues (array) — consolidated list of all problems found across protocols

Output Example

{
  "domain": "example.com",
  "checkedAt": "2025-03-09T14:30:00.000Z",
  "hasSpf": true,
  "spfValid": true,
  "spf": {
    "found": true,
    "record": "v=spf1 include:_spf.google.com ~all",
    "isValid": true,
    "issues": []
  },
  "hasDmarc": true,
  "dmarcPolicy": "reject",
  "dmarc": {
    "found": true,
    "policy": "reject",
    "subdomainPolicy": "reject",
    "percentage": 100,
    "reportingUris": ["mailto:dmarc@example.com"],
    "isValid": true,
    "issues": []
  },
  "hasDkim": true,
  "dkimValidSelectors": ["google"],
  "dkim": {
    "selectorsChecked": ["default", "selector1", "google"],
    "validSelectors": ["google"],
    "selectors": [
      {
        "selector": "google",
        "found": true,
        "isValid": true,
        "issues": []
      }
    ]
  },
  "issues": []
}

Pricing

Event	Cost
Domain Validation	Pay-per-event pricing applies

Set ACTOR_MAX_TOTAL_CHARGE_USD to control maximum spending per run.

Use Cases

Email deliverability audits — validate SPF, DMARC, and DKIM before launching email campaigns to avoid spam placement
Domain security compliance — audit all company domains for proper email authentication as part of SOC 2 or security reviews
Client onboarding for agencies — scan new client domains to identify email authentication gaps before taking over email marketing
Ongoing monitoring — schedule weekly checks to catch broken records after DNS changes or provider migrations
Spoofing risk assessment — identify domains with missing or permissive DMARC policies that are vulnerable to phishing

Actor	What it adds
DNS Propagation Checker	Verify that updated SPF/DMARC/DKIM records have propagated across global resolvers
SSL Certificate Monitor	Check SSL certificate health alongside email authentication for a complete domain audit
Security Headers Analyzer	Audit HTTP security headers to complement email security checks

Notes

SPF validation is lightweight — it checks syntax and common misconfigurations but does not perform full RFC 7208 processing.
DKIM requires knowing the selector. The actor checks common selectors by default, but if your domain uses a custom selector (e.g., mailchimp, sendgrid), add it to the dkimSelectors input.
Increasing the number of DKIM selectors increases DNS query count proportionally.

DNS / SPF / DKIM / DMARC Audit API

taroyamada/dns-dmarc-security-checker

Audit SPF, DKIM, DMARC, and MX in bulk with grades, fix-ready recommendations, and recurring email-security monitoring.

太郎山田

DNS Record Lookup - MX, A, TXT, DMARC & SPF Check

ryanclinton/dns-record-lookup

Look up DNS records for any domain in bulk -- A, AAAA, MX, NS, TXT, CNAME, and SOA -- with built-in email security analysis for SPF, DMARC, and DKIM. Process hundreds of domains in parallel, get structured JSON output, and integrate results into any pipeline via the Apify API.

ryan clinton

Email Validator

louisdeconinck/email-validator

Validate emails with checks on format, alias, DNS & disposable email. Clean lists, prevent fraud and boost deliverability with this fast and easy actor.

Louis Deconinck

244

5.0

Email Validator 🔥🔥

boneswill/email-validator

Efficiently validate email addresses

succexx_DEV

1.5

TXT Record Checker

automation-lab/txt-record-checker

This actor checks DNS TXT records for domains. It validates SPF (Sender Policy Framework), DMARC (Domain-based Message Authentication), and DKIM (DomainKeys Identified Mail) configuration. Also identifies domain verification records for Google, Facebook, Microsoft, and Apple.

Stas Persiianenko

SPF Record Checker

automation-lab/spf-record-checker

This actor checks SPF records for domains by querying TXT records for `v=spf1` entries. It parses mechanisms (include, ip4, ip6, a, mx), the default qualifier (pass/fail/softfail/neutral), redirect domains, included domains, IP ranges, and DNS lookup count. Useful for email deliverability...

Stas Persiianenko

DNS Lookup | Scrape Domain Records & Security Intelligence

datascoutapi/dns-lookup

DNS lookup scrapes 22 data points including 10 DNS records (A, AAAA, MX, TXT, NS, CNAME, SOA, SRV, PTR, CAA) + email security analysis ( SPF/DKIM/DMARC), SSL certificate checker, domain monitoring. Processes 100 domains per batch with security scoring.

halam

DNS Lookup

automation-lab/dns-lookup

DNS Lookup resolves all standard DNS record types for one or more domains. It returns structured data including IP addresses, mail servers, name servers, TXT records, and an email security analysis that checks for SPF and DMARC configuration.

Stas Persiianenko

Email Verifier & Validator | Bulk Deliverability Check

michael.g/email-verifier-validator

Bulk email verifier and email validator for email list verification. Verify email addresses, detect invalid emails, check deliverability, and clean email lists to reduce bounce rates.