Free Email Deliverability Analyzer

Email Deliverability Analyzer — What This Tool Actually Does

If your emails keep landing in the spam folder, the problem is almost always in your DNS — not your email content. Inbox providers like Gmail and Outlook check three things before they decide where to put your message: SPF, DKIM, and DMARC. If any of those are missing, broken, or too weak, your email goes straight to spam — no matter how good the message is.

This free email deliverability analyzer runs 8 checks at once against your domain. It checks your SPF record for errors (including the dangerous +all tag and the "too many DNS lookups" PermError), validates your DKIM signature across 14+ provider-specific selectors, reads your DMARC policy and grades its strength, and scans your domain and mail server IPs against 50+ global blacklists — all in real time.

But here's the part that makes it different from most email testing tools: it also generates exact, copy-paste DNS records tailored to your email provider. Whether you're on Google Workspace, Microsoft 365, Zoho, SendGrid, or Mailgun — the fix suggestions match your setup. You don't have to guess.

Type your domain into the tool above and you'll have a full diagnostic report in about 10–15 seconds.

How to Use the Email Deliverability Checker

The tool is built to get you answers fast. No login. No configuration. Just your domain name.

1. Enter your domain or email address. Type something like yourdomain.com or hello@yourdomain.com — if you enter an email, the tool pulls the domain automatically. Hit the Analyze button.
2. Watch the checks run in real time. The tool doesn't make you wait for all 8 checks to finish. Results stream in as each check completes — SPF first, then DKIM, DMARC, MX, blacklist, PTR, BIMI, and MTA-STS. You'll see the pass/fail cards fill in live.
3. Read your deliverability score. The score ring shows a grade from A to F. A is excellent — all checks passed, strong policies in place. F means something critical is broken. Expand any Check Card to see the raw DNS data the tool found for that record.
4. Copy the fix suggestions. Scroll down to the Fix Suggestions panel. If anything failed, the tool generates the exact TXT or MX records you need. These aren't generic examples — they're built around your detected email provider, so the records are ready to paste straight into your registrar's DNS panel.
5. Re-test after you make changes. DNS changes take time to spread — usually 5 to 30 minutes, sometimes up to 48 hours. Wait a bit, then run the analyzer again to confirm your fixes worked.

One thing worth knowing: the tool detects your email provider automatically from your MX records. That's what makes the provider-specific DKIM check possible — it looks for the right selector (selector1 for Microsoft, google for Gmail) instead of just trying generic ones.

Your Data Stays Private — Here's How

When you run a check, the tool sends your domain name to a DNS resolver and a blacklist API to get the records. That's it. It does not store your domain, your results, or anything else in a database. There's no account, no tracking, and no email required.

The DNS data that comes back — your SPF record, DMARC policy, MX records — is all public information. Anyone who knows your domain can query it. This tool just collects all of it in one place and gives you a clear picture instead of making you run 8 separate commands in a terminal.

The blacklist check works the same way. It queries each DNSBL (DNS-based blacklist) with your IP address using standard DNS lookups — the same method any mail server uses to check your reputation. Nothing about the check itself flags your domain.

One honest note: your fix suggestions are generated based on your detected email provider. If the tool guesses your provider wrong — or can't detect it — the suggested records will still be technically correct, but double-check them against your provider's official documentation before publishing to DNS.

What Makes This Email Deliverability Tool Different

Most email checking tools run one or two checks and give you a vague pass/fail. This one runs 8 specific checks — and explains what each result means for your actual inbox placement.

• Provider-aware DKIM detection. Most tools try a handful of generic DKIM selectors and give up. This one detects your email provider from your MX records first — then checks the exact selectors that provider uses. Google, Microsoft 365, Zoho, SendGrid, Mailgun, and Amazon SES all have different selector conventions. The tool handles each one differently.
• SPF PermError and +all detection. A valid SPF record that uses +all at the end is almost as bad as having no SPF at all — it tells the world that any IP can send mail as you. The tool flags this specifically. It also detects when you've exceeded the 10-lookup limit, which causes a silent PermError that most senders never notice.
• DMARC policy strength grading. The tool doesn't just check if DMARC exists. It grades the policy. A record with p=none earns a warning — it's monitoring-only and gives you zero spam protection. You need p=quarantine or p=reject to actually protect your domain reputation and satisfy Google's 2024+ bulk sender rules.
• 50+ blacklist parallel scan. The tool checks Spamhaus, Barracuda, SORBS, SpamCop, and more than 45 others at the same time. If your IP is listed, you get a direct link to the delisting page for that specific blacklist — no hunting around.
• PTR (reverse DNS) forward-confirmed lookup. The tool resolves your MX record to an IP, then does a reverse DNS lookup to get the hostname, then does a forward lookup to confirm the hostname points back to the same IP. This forward-confirmed reverse DNS (FCrDNS) is what strict mail servers check. If it doesn't match, some servers drop the connection immediately.
• BIMI and MTA-STS checks. Beyond the basics, the tool checks for a BIMI record (which lets you show your brand logo in Gmail and Yahoo inboxes) and an MTA-STS policy (which forces TLS encryption on all email sent to your domain). Both are optional but increasingly important for brand trust and security.
• Real-time streaming results. Checks run in parallel and display as they finish — you don't sit at a loading spinner for 30 seconds. The score ring updates live as each check comes in.
• Copy-paste DNS records for your provider. The Fix Suggestions panel generates ready-to-use TXT records, not generic placeholders. If you're on Google Workspace, you get the actual SPF include string for Google. Same for Microsoft, Zoho, and the others.

Technical Specifications

Here's exactly how the email deliverability analyzer works under the hood — useful if you're debugging or want to understand why a specific check passed or failed.

Scoring System

Each of the 8 checks carries a weight. SPF, DKIM, DMARC, and the blacklist check are weighted heaviest — they're the four that inbox providers care about most. MX, PTR, BIMI, and MTA-STS count for less but still affect the final grade.

Browser & Infrastructure

Frequently Asked Questions About Email Deliverability

What is an email deliverability analyzer?

It's a tool that checks your domain's DNS settings to find out why emails might be landing in spam. It tests your SPF record, DKIM signatures, DMARC policy, MX records, reverse DNS, and whether your IP is on any global blacklists. Think of it as a health check for your email infrastructure.

Why are my emails going to spam even though I didn't do anything wrong?

The most common causes aren't about your email content — they're DNS misconfigurations. A missing SPF record, a DMARC policy stuck on p=none, or an IP that got added to a blacklist by a previous tenant can all cause your emails to fail silently. The analyzer finds these issues in seconds.

Does Gmail require DMARC now?

Yes. Since early 2024, Google and Yahoo both require bulk senders — anyone sending over 5,000 messages a day — to have valid SPF, DKIM, and at least a DMARC record in place. If you're a smaller sender, the requirement isn't enforced as strictly, but having all three still helps your inbox placement significantly.

What does p=none mean in DMARC — is it bad?

A DMARC record with p=none means "monitor but don't block anything." It collects reports on who is sending email from your domain but doesn't actually stop spoofed or unauthenticated messages. It's a good starting point for getting data, but it won't protect your domain reputation. You need to move to p=quarantine or p=reject to get real protection and pass strict sender requirements.

What is the "too many DNS lookups" SPF error?

SPF records are allowed a maximum of 10 DNS lookups. Every include: statement in your SPF record uses one or more lookups. If you've added Google, Mailchimp, SendGrid, HubSpot, and Zendesk all in one record, you've likely exceeded the limit. The result is a PermError — your SPF check fails silently, and inbox providers treat it the same as having no SPF at all. The fix is SPF flattening (converting all the includes into static IPs) or using subdomains for different sending services.

How do I fix a blacklist listing?

Fix the root cause first — stop sending cold spam, clean your mailing list, or secure a compromised mail server. Then use the direct delisting link in the Fix Suggestions panel. Each blacklist has its own process: Spamhaus has a self-service lookup, Barracuda needs you to fill out a form, and others may require manual review. Requesting removal before fixing the problem usually results in getting re-listed within a few days.

Why can't the tool find my Amazon SES DKIM record?

Amazon SES uses a randomly generated string as its DKIM selector — something like abc123xyz._domainkey.yourdomain.com. Because that hash is random, no external tool can guess it. You have to log into your AWS SES console to check your DKIM verification status directly. The same applies to some Brevo (formerly Sendinblue) setups.

What is PTR reverse DNS and why does it matter?

A PTR record maps your mail server's IP address back to a hostname. Strict mail servers check that the hostname in your PTR record resolves back to the same IP — this is called forward-confirmed reverse DNS (FCrDNS). If it doesn't match, some servers will reject your connection before your email even gets delivered. Most major ISPs and cloud hosts let you set PTR records through your hosting control panel.

Is this email deliverability test free?

Yes, completely free. No account needed, no API key, no daily limit. The tool is free to use as many times as you need — every time you update your DNS, run it again to confirm the change took effect.