Ahh, the art of correctly configuring you domain to send and receive email.

The MX records of your domain goven where incoming email gets delivered to — specifically, the actualy server addresses themselves. (Or possibly, fully-qualified domain names.)

MXToolbox is


Google’s MX and DMARC settings
Settings for a website with DMARC

You would use MX Toolbox to examine three things about a domain name: (1) the MX records, (2) outgoing SMTP servers configured as SPF records, (3) DKIM settings, and (4) DMARC settings.

Remember, #1 is essential for incoming mail, and #2 is where you configure your outgoing mail.

#3 is DKIM is an advanced authentication system designed for large companies and banks who would be the target of phishing attacks— like Chase, PayPal, Bank of America, etc. It prevents email spoofing. Although most domains aren’t the target of email spoofing, you should be concerned if your website or domain has some kind of login or access to financial gain (like a “send money to my bank account” feature). If it does, hackers will wan to spoof your customers into believing emails from them are actually from you. This is easy to do in the email “from” header of the message, and so it is up to the customer to recognize if an email looks fake. Using DKIM, you can proactively prevent email spoofing by configuring your DNS settings.

#4 is DMARC is a policy related to both DKIM and SPF and is also applicable to large institutions. The reason for this is that DMARC is a technology where the domain owner analysis who is trying to impersonate them and gain the trust of their customers with fake (spoof) content. This is because many of the larger corporations have multiple outgoing mail servers— like hundreds— and DMARC lets a large IT infrastructure migrate to only allowing trusted senders via a graduate process.

You would use this tool if you were a domain owner and you wanted to understand how you mail is working (or not working) at the DNS level.

By Jason