SECURITY SCORE
Every domain is scored 0 to 10 on three DNS-visible security protocols: DMARC (email spoofing prevention), SPF (sender authorization), and CAA (certificate authority restriction).
…
Average Security Score
Composite of DMARC, SPF, and CAA, normalized to 0 to 10.
…
DMARC Enforced
Blocks or flags spoofed email. Worth up to 3 points.
…
SPF Configured
Restricts which servers send email. Worth up to 3 points.
…
CAA Restricted
Controls which CAs issue TLS certificates. Worth 1 point.
Score formula ▶
DMARC (reject) = 3 pts · DMARC (quarantine) = 2 pts · DMARC (none) = 1 ptSPF configured = 2 pts · SPF strict (-all) = +1 pt bonusCAA present = 1 ptMaximum:
3 + 3 + 1 = 7 raw pts, normalized to a 0 to 10 scale.
DMARC BREAKDOWN
Email Spoofing Protection
DMARC tells mail servers what to do when someone fakes your domain. Click a row to filter the leaderboard.
Sector Leaderboard
Sorted by DMARC enforcement rate. Click to filter.