Pricing

Pay per event

📋 Email DMARC Auditor — SPF/DKIM/DMARC Bulk Check

Bulk email authentication audit. Parses SPF, DMARC, and DKIM records, returns deliverability score (0-100), and step-by-step remediation actions per domain.

Pricing

Pay per event

Rating

0.0

(0)

Developer

Stephan Corbeil

Actor stats

Bookmarked

Total users

Monthly active users

17 days ago

Last modified

What it checks per domain

SPF — parses v=spf1 record, counts mechanisms, flags 10-lookup overflow, returns includes/ip mechanisms/all-mode
DMARC — parses _dmarc.<domain> TXT record, extracts policy (p=), subdomain policy (sp=), percentage (pct=), reporting addresses (rua/ruf), alignment modes (aspf/adkim)
DKIM — probes 25 common selectors (default, google, selector1, selector2, mailgun, sendgrid, mandrill, etc.) and estimates key length
MX — confirms domain accepts mail at all
Deliverability score (0-100) — weighted composite
Remediation actions — specific, ordered fixes (not generic advice)

Example

import requests

r = requests.post(
    "https://api.apify.com/v2/acts/nexgendata~email-dmarc-auditor/run-sync-get-dataset-items?token=" + APIFY_TOKEN,
    json={"domains": ["google.com", "github.com", "misconfigured-example.com"]}
)

for d in r.json():
    print(f"{d['domain']} — score {d['deliverability_score']}")
    print(f"  SPF:   {d['spf'].get('valid')} all-mode={d['spf'].get('all_mode')}")
    dmarc = d['dmarc']
    print(f"  DMARC: {dmarc.get('valid')} policy={dmarc.get('policy')} pct={dmarc.get('pct')}")
    print(f"  DKIM:  {d['dkim']['found_count']} selectors found")
    for action in d["remediation_actions"]:
        print(f"    → {action}")

Sample output:

google.com — score 95
  SPF:   True all-mode=~all
  DMARC: True policy=reject pct=100
  DKIM:  3 selectors found
    → Email authentication looks healthy.

misconfigured-example.com — score 25
  SPF:   True all-mode=+all
  DMARC: False policy=None pct=None
  DKIM:  0 selectors found
    → SPF 'all' qualifier is +all — any server can send as this domain. Change to -all or ~all.
    → Publish a DMARC record at _dmarc.misconfigured-example.com.
    → No DKIM selector found. Verify your ESP's DKIM selector and publish the record.

cURL

curl -X POST "https://api.apify.com/v2/acts/nexgendata~email-dmarc-auditor/run-sync-get-dataset-items?token=$APIFY_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"domains":["example.com"]}'

Common use cases

Pre-sales audits (deliverability consultants) — scan prospect's domain list, generate compliance report
M&A due diligence — audit email posture of acquisition target's domain portfolio
Brand protection — bulk-audit domain variants you own for lookalike spoofing exposure
DMARC rollout planning — find all your domains still at p=none before enforcement deadline
RFP compliance — SOC 2 / ISO 27001 / HIPAA evidence collection for email authentication controls
Google/Yahoo 2024 sender requirements — bulk-verify every domain meets the new requirements before you send

Pricing

$0.01 per run (startup)
$0.005 per domain audited

100 domains = $0.51. Same job on Valimail Monitor starts at $500/month.

FAQ

Q: Why probe DKIM selectors? Can't the actor just return the "real" DKIM? A: DKIM has no discovery mechanism — the selector is chosen by the sender, not the domain. The 25 selectors probed cover ~90% of real-world configurations (Google, Microsoft 365, Mailgun, SendGrid, Mandrill, Amazon SES, etc.). If yours is unusual, add it via the dkimSelectors input.

Q: How is the deliverability score computed? A: Weighted: MX present (10), SPF published (20), strong SPF all-mode (+10), DMARC published (20), DMARC enforcing (+15), DKIM found (15), DMARC reporting (+5). Penalties: weak DKIM key, SPF over 10 lookups, permissive SPF. Max 100.

Q: Can this detect DMARC report data (DMARC failure reports)? A: No — DMARC reports are sent by mail receivers to rua/ruf mailboxes. This actor tells you if those mailboxes are configured; parsing the reports themselves is out of scope.

Q: Can I plug this into a monitoring schedule? A: Yes. Schedule the actor daily via Apify schedules. Compare each run's deliverability_score to detect configuration regressions.

Try it

📋 Email DMARC Auditor on Apify

New to Apify? Get free platform credits.

💻 Code Example — Python

from apify_client import ApifyClient

client = ApifyClient("YOUR_APIFY_TOKEN")
run = client.actor("nexgendata/email-dmarc-auditor").call(run_input={
    # Fill in the input shape from the actor's input_schema
})

for item in client.dataset(run["defaultDatasetId"]).iterate_items():
    print(item)

🌐 Code Example — cURL

curl -X POST "https://api.apify.com/v2/acts/nexgendata~email-dmarc-auditor/run-sync-get-dataset-items?token=YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ /* input schema */ }'

❓ FAQ

Q: How do I get started? Sign up at apify.com, grab your API token from Settings → Integrations, and run the actor via the Apify console, API, Python SDK, or any integration (Zapier, Make.com, n8n).

Q: What's the typical cost per run? See the pricing section below. Most runs finish under $0.10 for typical batches.

Q: Is this actor maintained? Yes. NexGenData maintains 165+ Apify actors and ships updates regularly. Bug reports via the Apify console issues tab get responses within 24 hours.

Q: Can I use the output commercially? Yes — you own the output data. Check the target site's Terms of Service for any usage restrictions on the scraped content itself.

Q: How do I handle rate limits? Apify manages concurrency and retries automatically. For very large batches (10K+ items), run multiple smaller jobs in parallel instead of one mega-job for better reliability.

💰 Pricing

Pay-per-event pricing — you only pay for what you actually extract.

Actor Start: $0.0001
result: $0.0050

🚀 Apify Affiliate Program

New to Apify? Sign up with our referral link — you get free platform credits on signup, and you help fund the maintenance of this actor fleet.

📚 More From NexGenData

Explore the full catalog, tutorials, Gumroad data packs, and newsletter at thenextgennexus.com — the brand home for everything we ship.

📖 Tutorials & how-to guides
🗂️ Full actor catalog with usage examples
📦 Gumroad data packs (one-time purchases)
📬 Newsletter — monthly drops of new actors and revenue experiments

Built and maintained by NexGenData — 165+ actors covering scraping, enrichment, MCP servers, and automation. 🏠 Home: thenextgennexus.com

DMARC, SPF & DKIM Validator

andok/dmarc-spf-dkim-validator

Validate email authentication DNS records to prevent spoofing and ensure high email deliverability for your domains.

Andok

🛡️ Bulk Email DNS Scraper

taroyamada/email-deliverability-portfolio-audit

Scrape domain DNS data to extract SPF, DKIM, DMARC, and BIMI records. Generate structured deliverability readiness reports for client portfolios.

太郎山田

DMARC & Email Security Checker

taroyamada/dns-dmarc-security-checker

Validate domain infrastructure in bulk to boost email deliverability. Extract DMARC policies, SPF records, and MX configurations to keep outreach out of spam.

太郎山田

DNS, WHOIS, SPF/DMARC, SSL Domain Audit

jungle_synthesizer/dns-domain-audit

Bulk domain audit covering DNS records, WHOIS registration, SPF/DMARC/DKIM email auth, SSL certificate, and reverse DNS. No browser, no proxy -- pure Node, sub-second per domain.

BowTiedRaccoon

DNS Record Lookup — MX, SPF, DMARC & Email Security Checks

ryanclinton/dns-record-lookup

Look up DNS records for any domain in bulk -- A, AAAA, MX, NS, TXT, CNAME, and SOA -- with built-in email security analysis for SPF, DMARC, and DKIM. Process hundreds of domains in parallel, get structured JSON output, and integrate results into any pipeline via the Apify API.

Ryan Clinton

Supernet Domain Health - Email Reputation Audit

superlativetech/supernet-domain-health

Email authentication and deliverability audit for any domain. Checks SPF, DKIM, DMARC, MX, blacklists, SSL, WHOIS, BIMI, MTA-STS — returns a 0-100 health score with actionable fixes. Sending or receiving mode. Batch thousands or query one via instant API.

Superlative

Domain Lookup

greip/domain-lookup

Lookup and analyze domain names and retrieve detailed information including security status, email authentication records (SPF, DMARC, DKIM, MX, BIMI), creation date, and risk assessment. Perfect for domain verification, fraud prevention, and security analysis.

Greip

DMARC Checker

onescales/dmarc-checker

Simple DMARC record lookup tool. Check email security configuration for multiple domains in a single run.

One Scales

5.0

Domain Lookup Tool

cerebral_aluminum/domain-lookup

Bulk DNS analysis. A records, MX, nameservers, hosting provider, email provider, SPF/DMARC status for any domain.

Benny

DMARC Record Checker

automation-lab/dmarc-record-checker

This actor checks DMARC records for domains by querying `_dmarc.<domain>` TXT records. It parses the DMARC policy including enforcement level (none/quarantine/reject), subdomain policy, reporting URIs, alignment settings, and percentage. Useful for email security auditing and domain...