Why build yet another SPF/DMARC/email security validation website? I'm glad you asked. Many such websites are created by vendors as a way of pitching their product or service. Domain Checkup is an open source website that provides all information about a domain's DNS-based email security controls on one page. The web frontend, web backend, and underlying library are all open source projects. So, you can get a quick, helpful overview of a domain's configuration, or dive into the source code to see exactly how a protocol works, all without a sales pitch.

Features

• Responsive, mobile-first UI using Bootstrap
• Can be installed as a Progressive Web Application (PWA) on mobile devices and computers
• Provides all details from the checkdmarc library and CLI tool on a single page
  • DNSSEC validation
  • SPF
    • Record validation
    • Counting of DNS lookups and void lookups
    • Counting of lookups per mechanism
  • DMARC
    • Validation and parsing of DMARC records
    • Shows warnings when the DMARC record is made ineffective by pct or sp values
    • Checks for authorization records on reporting email addresses
  • BIMI
    • Validation of the mark format and certificate
    • Parsing of the mark certificate
  • MX records
    • Preference
    • IPv4 and IPv6 addresses
    • Checks for STARTTLS (optional; currently disabled on the production website)
    • Use of DNSSEC/TLSA/DANE to pin certificates
  • MTA-STS
  • Record parsing and validation
  • SMTP TLS reporting (TLSRPT)
    • Record and policy parsing and validation
  • SOA record parsing
  • Nameserver listing