πŸ“‹ Email DMARC Auditor β€” SPF/DKIM/DMARC Bulk Check avatar

πŸ“‹ Email DMARC Auditor β€” SPF/DKIM/DMARC Bulk Check

Pricing

Pay per usage

Try for free
Go to Apify Store
πŸ“‹ Email DMARC Auditor β€” SPF/DKIM/DMARC Bulk Check

πŸ“‹ Email DMARC Auditor β€” SPF/DKIM/DMARC Bulk Check

Try for free

Bulk email authentication audit. Parses SPF, DMARC, and DKIM records, returns deliverability score (0-100), and step-by-step remediation actions per domain.

Pricing

Pay per usage

Rating

0.0

(0)

Developer

Stephan Corbeil

Stephan Corbeil

Maintained by Community

Actor stats

0

Bookmarked

2

Total users

1

Monthly active users

4 days ago

Last modified

Categories

Developer tools

Marketing

Automation

Share

The email deliverability audit tool email consultants actually use.

Auditing one domain in MXToolbox is free. Auditing 100 domains costs $149/month on Bulk tier. Valimail Monitor starts at $500/mo. This actor audits 100 domains for ~$0.85 β€” one-shot, no subscription.

What it checks per domain

  • SPF β€” parses v=spf1 record, counts mechanisms, flags 10-lookup overflow, returns includes/ip mechanisms/all-mode
  • DMARC β€” parses _dmarc.<domain> TXT record, extracts policy (p=), subdomain policy (sp=), percentage (pct=), reporting addresses (rua/ruf), alignment modes (aspf/adkim)
  • DKIM β€” probes 25 common selectors (default, google, selector1, selector2, mailgun, sendgrid, mandrill, etc.) and estimates key length
  • MX β€” confirms domain accepts mail at all
  • Deliverability score (0-100) β€” weighted composite
  • Remediation actions β€” specific, ordered fixes (not generic advice)

Example

import requests


r = requests.post(
    "https://api.apify.com/v2/acts/nexgendata~email-dmarc-auditor/run-sync-get-dataset-items?token=" + APIFY_TOKEN,
    json={"domains": ["google.com", "github.com", "misconfigured-example.com"]}
)


for d in r.json():
    print(f"{d['domain']} β€” score {d['deliverability_score']}")
    print(f"  SPF:   {d['spf'].get('valid')} all-mode={d['spf'].get('all_mode')}")
    dmarc = d['dmarc']
    print(f"  DMARC: {dmarc.get('valid')} policy={dmarc.get('policy')} pct={dmarc.get('pct')}")
    print(f"  DKIM:  {d['dkim']['found_count']} selectors found")
    for action in d["remediation_actions"]:
        print(f"    β†’ {action}")

Sample output:

google.com β€” score 95
  SPF:   True all-mode=~all
  DMARC: True policy=reject pct=100
  DKIM:  3 selectors found
    β†’ Email authentication looks healthy.


misconfigured-example.com β€” score 25
  SPF:   True all-mode=+all
  DMARC: False policy=None pct=None
  DKIM:  0 selectors found
    β†’ SPF 'all' qualifier is +all β€” any server can send as this domain. Change to -all or ~all.
    β†’ Publish a DMARC record at _dmarc.misconfigured-example.com.
    β†’ No DKIM selector found. Verify your ESP's DKIM selector and publish the record.

cURL

curl -X POST "https://api.apify.com/v2/acts/nexgendata~email-dmarc-auditor/run-sync-get-dataset-items?token=$APIFY_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"domains":["example.com"]}'

Common use cases

  • Pre-sales audits (deliverability consultants) β€” scan prospect's domain list, generate compliance report
  • M&A due diligence β€” audit email posture of acquisition target's domain portfolio
  • Brand protection β€” bulk-audit domain variants you own for lookalike spoofing exposure
  • DMARC rollout planning β€” find all your domains still at p=none before enforcement deadline
  • RFP compliance β€” SOC 2 / ISO 27001 / HIPAA evidence collection for email authentication controls
  • Google/Yahoo 2024 sender requirements β€” bulk-verify every domain meets the new requirements before you send

Pricing

  • $0.01 per run (startup)
  • $0.005 per domain audited

100 domains = $0.51. Same job on Valimail Monitor starts at $500/month.

FAQ

Q: Why probe DKIM selectors? Can't the actor just return the "real" DKIM? A: DKIM has no discovery mechanism β€” the selector is chosen by the sender, not the domain. The 25 selectors probed cover ~90% of real-world configurations (Google, Microsoft 365, Mailgun, SendGrid, Mandrill, Amazon SES, etc.). If yours is unusual, add it via the dkimSelectors input.

Q: How is the deliverability score computed? A: Weighted: MX present (10), SPF published (20), strong SPF all-mode (+10), DMARC published (20), DMARC enforcing (+15), DKIM found (15), DMARC reporting (+5). Penalties: weak DKIM key, SPF over 10 lookups, permissive SPF. Max 100.

Q: Can this detect DMARC report data (DMARC failure reports)? A: No β€” DMARC reports are sent by mail receivers to rua/ruf mailboxes. This actor tells you if those mailboxes are configured; parsing the reports themselves is out of scope.

Q: Can I plug this into a monitoring schedule? A: Yes. Schedule the actor daily via Apify schedules. Compare each run's deliverability_score to detect configuration regressions.

Try it

πŸ“‹ Email DMARC Auditor on Apify

New to Apify? Get free platform credits.

You might also like

DMARC, SPF & DKIM Validator avatar

DMARC, SPF & DKIM Validator

andok/dmarc-spf-dkim-validator

Validate email authentication DNS records to prevent spoofing and ensure high email deliverability for your domains.

User avatar

Andok

4

Email Deliverability Portfolio Audit API avatar

Email Deliverability Portfolio Audit API

taroyamada/email-deliverability-portfolio-audit

Audit SPF, DKIM, DMARC, MTA-STS, TLS-RPT, BIMI, and sender-readiness signals across domain portfolios with executive summaries and remediation guidance.

User avatar

ε€ͺιƒŽ ε±±η”°

2

DR

DNS Record Lookup β€” MX, SPF, DMARC & Email Security Checks

ryanclinton/dns-record-lookup

Look up DNS records for any domain in bulk -- A, AAAA, MX, NS, TXT, CNAME, and SOA -- with built-in email security analysis for SPF, DMARC, and DKIM. Process hundreds of domains in parallel, get structured JSON output, and integrate results into any pipeline via the Apify API.

User avatar

ryan clinton

13

DNS / SPF / DKIM / DMARC Audit API avatar

DNS / SPF / DKIM / DMARC Audit API

taroyamada/dns-dmarc-security-checker

Audit SPF, DKIM, DMARC, and MX in bulk with grades, fix-ready recommendations, and recurring email-security monitoring.

User avatar

ε€ͺιƒŽ ε±±η”°

4

Supernet Domain Health - Email Reputation Audit avatar

Supernet Domain Health - Email Reputation Audit

superlativetech/supernet-domain-health

Email authentication and deliverability audit for any domain. Checks SPF, DKIM, DMARC, MX, blacklists, SSL, WHOIS, BIMI, MTA-STS β€” returns a 0-100 health score with actionable fixes. Sending or receiving mode. Batch thousands or query one via instant API.

User avatar

Superlative

8

Domain Security Audit API | SSL Expiry, DMARC, Domain Expiry avatar

Domain Security Audit API | SSL Expiry, DMARC, Domain Expiry

taroyamada/domain-trust-monitor

Summary-first portfolio monitor for SSL expiry, DMARC/SPF/DKIM, domain expiry/ownership, and security headers with remediation-ready outputs.

User avatar

ε€ͺιƒŽ ε±±η”°

2

Domain Lookup avatar

Domain Lookup

greip/domain-lookup

Lookup and analyze domain names and retrieve detailed information including security status, email authentication records (SPF, DMARC, DKIM, MX, BIMI), creation date, and risk assessment. Perfect for domain verification, fraud prevention, and security analysis.

User avatar

Greip

3

DMARC Checker avatar

DMARC Checker

onescales/dmarc-checker

Simple DMARC record lookup tool. Check email security configuration for multiple domains in a single run.

User avatar

One Scales

12

5.0

DL

Domain Lookup Tool

cerebral_aluminum/domain-lookup

Bulk DNS analysis. A records, MX, nameservers, hosting provider, email provider, SPF/DMARC status for any domain.

User avatar

Benny

1

DMARC Record Checker avatar

DMARC Record Checker

automation-lab/dmarc-record-checker

This actor checks DMARC records for domains by querying `_dmarc.<domain>` TXT records. It parses the DMARC policy including enforcement level (none/quarantine/reject), subdomain policy, reporting URIs, alignment settings, and percentage. Useful for email security auditing and domain...

User avatar

Stas Persiianenko

4