Shipsafershipsafer.ai
ShipSafer
← All DNS Security checks

cdn77.orgDNS Security Checker

Check DMARC, SPF, DKIM, DNSSEC and other DNS security records for email spoofing and phishing protection.

Last checked: Mar 18, 2026, 01:00 PM UTC

61/100
Grade C

Scan Results

DNS Security Score61/100
0
Critical
2
High
1
Medium
3
Passed

Common DNS Security Issues

  • No DMARC record
  • DMARC policy set to p=none (monitoring only, no enforcement)
  • Missing or misconfigured SPF record
  • SPF record exceeds 10 DNS lookups
  • No DNSSEC

What This Check Covers

DNS security records (SPF, DKIM, DMARC) protect your domain from email spoofing and phishing attacks. Without DMARC enforcement, anyone can send email appearing to come from your domain. Without DNSSEC, DNS responses can be forged. These are critical for email deliverability and brand protection.

  • DMARC record (email authentication policy)
  • SPF record (authorized mail senders)
  • DKIM setup
  • DNSSEC (DNS response signing)
  • CAA records (certificate authority authorization)
  • MTA-STS (SMTP security policy)
  • BIMI (Brand Indicators for Message Identification)

Why it matters

Missing DMARC allows phishing emails to appear from your domain. Domains without SPF/DMARC are used in business email compromise (BEC) attacks — the most costly cybercrime category. Google and Yahoo now require DMARC for bulk senders.

Get the full security report for cdn77.org

SSL, headers, CORS, cookies, DNS + 60 more checks — free