
Quick answers for business owners — fake email, your domain check, and how to protect your business.
We show whether scammers can abuse your domain in email — with a letter grade and checklist you can act on or forward to whoever manages your domain.
Yes — built for business owners. No account required.
No. We only look at public domain settings. Your inbox stays private.
Usually a few seconds.
A or B means your customers are well protected. C means some gaps remain. D or F means urgent exposure — often missing the policy that blocks fake mail.
A DNS list of servers allowed to send mail for your domain. See our SPF guide for details.
A digital signature proving mail was not tampered with. Keys live in DNS.
A policy telling receivers what to do when authentication fails — the main tool to block fakes.
No. BIMI is optional brand display in some inboxes.
Google helps with sending, but you still need SPF, DKIM, and DMARC in DNS for your domain.
If you manage DNS, yes. Otherwise forward our report to your IT provider or registrar.
After any DNS change and at least quarterly.
It reduces domain spoofing significantly. Staff training still matters for look-alike domains and compromised accounts.
New domains are often unprotected until someone sets up the three core protections — check early so scammers don't get a head start on your name.
Yes — use /embed/check or ask your developer for the iframe snippet on the dev hub.