Inbound Auth Checker

The Inbound Auth Checker lets you verify the email security configuration of external domains. Before trusting emails from a partner, vendor, or customer, check whether their domain has proper authentication in place.

Business+ Feature

The Inbound Auth Checker is available on Business and Enterprise plans.

How to Use

  1. Navigate to Threat Intelligence → Inbound Auth Checker
  2. Enter the external domain you want to check (e.g., partnerdomain.com)
  3. Optionally specify a DKIM selector to check
  4. Click Check

What Gets Checked

  • SPF — Does the domain have a valid SPF record?
  • DKIM — Is a DKIM key published at the specified selector?
  • DMARC — What is their DMARC policy? (none, quarantine, reject)
  • MTA-STS — Do they enforce TLS encryption?
  • BIMI — Do they have brand indicators configured?

Risk Assessment

SpoofWard assigns a risk level based on the results:

  • Low risk — Domain has strong authentication (DMARC reject, valid SPF/DKIM)
  • Medium risk — Some authentication in place but gaps exist
  • High risk — No DMARC or permissive policies — emails from this domain could be spoofed

History

Previous checks are saved so you can track how external domains improve their security over time.

Your domain is being tested right now.
Are you watching?

Protect your brand and improve deliverability — automatically, with continuous monitoring and alerts.

Start Free — No Credit Card View Pricing →