Are your customers getting your emails?

Send an email to the address below and we'll tell you if your customers will get your emails.

{{emailAddress}}

Waiting for email...

What is this?

Before an email can get to someone's inbox, it goes through a lot of filters. There's Spam testing, SPF and DKIM validation. Fail any of those checks, and your customers might not be getting their emails.

  • What is Spam?

    Spam is not only annoying, but can be dangerous for users. Spam refers to emails that meet the following criteria:

    • The address and identity of the sender are concealed
    • Emails sent to a large group of people
    • The recipients of the email did not agree to be emailed

    Most legitimate email address that end up in Spam end up there because their mail server address has ended up on a blacklist at some point in time.

    Our test not only tells you if your email looked like Spam or not, but gives you the score from Spamassassin, one of the most commonly used Spam filtering tools in the world.

  • What is SPF?

    SPF is an open standard so that the owner of a domain can provide a public list of approved senders. For instance, if you use an application like Postmark to send your transactional email and then use Campaign Monitor to send your marketing emails, you’d want to include both of those services as approved senders. This way, receiving mail servers can cross-check that the email originated from a server that has permission to send on your behalf. If the message originates from a server that’s not on your list, then the receiving server can consider it a fake and treat it accordingly.

    An important aspect to understand about SPF is that it does not validate against the From domain. Instead, SPF looks at the Return-Path value to validate the originating server. What’s a Return-Path? Good question. It’s the email address that receiving servers use to notify the sending mail server of delivery problems, like bounces. So an email can pass SPF regardless of whether the from address is fake. The problem with this limitation is that the From address is what recipients see in their email clients. Furthermore, even if a message fails SPF, there's no guarantee it won't be delivered. That final decision about delivery is up to the receiving ISP.

    SPF is just one of many factors that ISPs use to determine whether an email should be delivered. When it comes to verifying the From address, DMARC is a relatively new standard designed to address this shortcoming in SPF.

    SPF (or "Sender Policy Framework") is a standard setup to help prevent fraudulent email senders from masking as legitimate senders. SPF is a small record attached to your domain which lists out what servers can send email for your domain. Typically this list will include the servers that send email for all of your users, as well as servers that might be hosting your website or other software which needs to send email.

    Without an SPF record, anyone can pretend to be you when they send fraudulent emails. Almost as bad, most domains use an SPF record that "Soft Fails" invalid sending servers. "Soft Fail" is designed to be used only when a domain is in transition from one email host to another and allows anyone to send email as that domain, leaving it up to Spam filters to verify the email.

    Our test will verify that the server that your email is sent from is properly listed in your SPF record. For most comprehensive testing, Cage Data can do a full audit of your domain and verify that only the correct servers can send your email.

    Description from Postmark

  • What is DKIM?"

    DKIM (DomainKeys Identified Mail) is an email security standard designed to make sure messages weren’t altered in transit between the sending and recipient servers. It uses public-key cryptography to sign email with a private key as it leaves a sending server. Recipient servers can then use a public key published to a domain’s DNS to verify the source of the message, and that the body of the message hasn’t changed during transit. Once the hash made with the private key is verified with the public key by the recipient server, the message passes DKIM and is considered authentic.

    Our test will verify that the email was signed correctly.

    Description from Postmark