Mail Server Test

The Email Server Test That Grades Your Domain and Shows What to Fix First

Eight checks on any sending domain: SPF, DKIM, DMARC, MX records, reverse DNS, TLS, BIMI, and blacklist status. One letter grade, one prioritized fix list. It is the same SMTP server check Gmail and Outlook effectively run on your mail server before they read a single subject line.

Verifox fox mascot inspecting an email server configuration

8 checks · Graded A+ to F · Fix list included

Trusted by 500,000+ leading GTM teams of all sizes

The plain-English version

What an email server test actually measures

An email server test audits the machinery behind your mail rather than the mail itself: the DNS records, policies, and live server behavior that receiving providers inspect before your message is ever opened. In one pass it answers eight questions. Is SPF published and valid? Is mail signed with DKIM? Does a DMARC policy tell receivers what to do when authentication fails? Do MX records exist? Does the sending IP have matching reverse DNS? Does the server negotiate TLS? Is a BIMI record showing your logo? And is the domain or IP sitting on a blacklist? Those eight checks are the configuration half of deliverability, the same signals our email verification engine reads on the receiving side of 2.1 billion+ verified emails.

The grade exists to order the work. A mail server test that dumps eight raw records still leaves you guessing, so the report scores authentication, infrastructure, reputation, and compliance separately and ranks every failure by cost. An outright fail on DMARC outweighs a missing BIMI logo every time, and since Google and Yahoo began enforcing authentication for bulk senders in 2024, the authentication category is effectively pass or do-not-send. For the record-level detail behind a failure, the free SPF, DKIM and DMARC checker and the DKIM tester read each string literally, no signup needed.

One honest boundary: a clean email server health check proves your setup is not the problem. It cannot prove the inbox, since list quality and engagement decide the rest, and 20 to 40% of B2B lists fail at catch-all domains alone. So treat the server test as step one, then measure where real campaigns land with the email deliverability tester. Teams that automate it run the same checks through the REST API on pay-as-you-go credits, priced for your region on the pricing page, and those credits never expire.

Sample report

What the mail server test checks: 8 checks on every domain

Every row records the exact DNS record or server response found, so a fail comes with the evidence, not just the verdict. Here is a real shape of report for a domain with solid infrastructure and a DMARC gap.

acme.com · Server Configuration Report

SPF Record

v=spf1 include:_spf.google.com ~all

PASS

DKIM Signature

Valid 2048-bit RSA key found at selector: google

PASS

DMARC Policy

No DMARC record found. The domain is unprotected against spoofing

FAIL

MX Records

5 MX records found, priority 1 to 10

PASS

Reverse DNS (PTR)

PTR record matches the sending hostname

PASS

TLS Encryption

TLS 1.3 supported with a valid certificate

PASS

BIMI Record

No BIMI record. Your logo will not show next to messages

WARN

Blacklist Status

Not listed on the major public DNS blacklists

PASS

Mail still not leaving the server at all? That is a connection problem, not a configuration one. Start with the SMTP test instead.

How the grading works

From SMTP server check to letter grade: four categories, scored separately

One blended score would hide the problem. Splitting the eight checks into four graded categories shows whether your weakness is authentication, infrastructure, reputation, or compliance, and which fix moves the needle first.

B

Authentication

SPF and DKIM pass, DMARC missing

A+

Infrastructure

MX, rDNS and TLS clean

A

Reputation

No blacklist listings

B

Compliance

BIMI not published

Fails before warns · Evidence with every verdict · Re-test after each fix

Before your content even matters

Why an email server health check decides placement before your subject line does

The server is judged before the message

When your mail arrives, Gmail and Outlook evaluate the connecting server and the domain's DNS during the SMTP conversation itself. A failed mail server test at that moment routes the message to spam, or rejects it outright, before any human sees your subject line.

Unauthenticated domains get spoofed

A domain without aligned SPF, DKIM, and DMARC can be impersonated by anyone with a sending script. Every phishing message sent in your name then damages the reputation your real campaigns depend on. The authentication checks exist to close that door.

Google and Yahoo made it a requirement

Since 2024, bulk senders to Gmail and Yahoo must authenticate with SPF and DKIM and publish a DMARC policy. Domains that skip it are throttled or rejected at volume, which means the configuration this test grades is now table stakes, not a nice-to-have.

Configuration is half the battle; the addresses you send to are the other half. Once the server passes, keep watch with the DMARC monitor and clean your list with email verification.

Trust & compliance

Enterprise-grade security and scale

Every layer of the stack carries a third-party attestation, so you can ship into regulated industries without rebuilding your compliance posture.

  • Claymation Japanese hanko seal in jade-green clay with a twisted shimenawa rope rim, the words SOC 2 TYPE II embossed in cream clay on its face.

    SOC 2 Type II

    Independently audited to the SOC 2 Type II standard.

  • Claymation Japanese hanko seal in cobalt-blue clay with a twisted shimenawa rope rim, the word GDPR embossed in cream clay on its face.

    GDPR

    Built for the EU with full GDPR data-subject rights.

  • Claymation Japanese hanko seal in rose-pink clay with a twisted shimenawa rope rim, the word CCPA embossed in cream clay on its face.

    CCPA

    California opt-out, do-not-sell, plus DSAR handling.

  • Claymation Japanese hanko seal in terracotta clay with a twisted shimenawa rope rim, the text ISO 27001 embossed in cream clay on its face.

    ISO 27001

    Information security held to the ISO 27001 standard.

  • Claymation Japanese hanko seal in lilac-purple clay with a twisted shimenawa rope rim, the text ISO 42001 embossed in cream clay on its face.

    ISO 42001

    AI governance aligned to the new ISO 42001 standard.

Common questions

Email server test questions, answered straight

What the test covers, why DMARC and SPF fail, what each grade means, and where a server test ends and list quality begins. If your question is not here, the report itself links every finding to its fix.

What does an email server test check?

Eight things in one pass: SPF, DKIM signing keys, DMARC policy, MX records, reverse DNS, TLS encryption, BIMI, and blacklist status. Those cover the four areas receivers actually score, authentication, infrastructure, reputation, and compliance. Each check returns pass, warn, or fail with the exact record we found. It audits the domain and server, not individual addresses; the email verification service handles mailbox-level checks.

Is the email server test free?

Yes. Signing up gets you 1,000 free credits, or 2,500 with a work email, no card required, and the server test runs from the same dashboard. Credits are pay-as-you-go and never expire; volume rates are localized on the pricing page. Want zero signup? The authentication slice of the test, SPF, DKIM, and DMARC, runs free right now on the SPF, DKIM and DMARC checker.

Why did my domain fail the DMARC check?

Almost always because no TXT record exists at _dmarc.yourdomain.com, or the record that does exist has a syntax error receivers cannot parse. Publish at minimum v=DMARC1; p=none; rua=mailto:reports@yourdomain.com to start collecting reports, then tighten to quarantine or reject. Once it passes, the DMARC monitor reads those reports for you continuously.

How do I fix a missing SPF record?

Add one TXT record at your domain root listing every service that sends for you, for example v=spf1 include:_spf.google.com ~all for Google Workspace. Two rules trip most people: a domain may publish only one SPF record, so merge providers into a single string, and the record may trigger at most 10 DNS lookups. Re-run the free SPF check after DNS propagates to confirm the fix.

What counts as a good grade on a mail server test?

A or A+ means every receiver-scored check passes and your setup is not the reason mail lands in spam. B means the essentials pass but warnings remain, typically a missing BIMI record or a DMARC policy still at p=none. C or F means at least one authentication or reputation check fails outright, and that is where deliverability damage is concentrated. Fix fails before warnings: a missing DMARC record costs you far more than a missing logo.

How often should I test my email server?

Run the test after every change to DNS, your ESP, or your sending infrastructure, and monthly as a baseline even when nothing changed, because records get edited by other teams and certificates expire quietly. Reputation moves faster than configuration: blacklist operators add and remove entries daily, so pair the periodic test with blacklist monitoring and a one-off email blacklist check whenever engagement suddenly drops.

What is the difference between an email server test and an SMTP test?

Scope. An SMTP test checks one connection: can a specific server be reached on its port and complete a handshake. An email server test audits the whole sending domain, the DNS records, authentication policies, encryption, and reputation that decide how receivers treat your mail once that connection works. If mail is not leaving at all, start with the SMTP test; if it leaves but lands in spam, start here.

Does a passing email server test guarantee inbox placement?

No. It removes the configuration reasons for spam placement, which is necessary but not sufficient. List quality and engagement still decide the rest: 20 to 40% of B2B lists fail at catch-all domains alone, and bounces from bad addresses erode the reputation a clean server earned. Verify your list with the 9-point verification engine, then measure where real campaigns land with an inbox placement test.

Can I run the email server test from my own code or an AI agent?

Yes. The REST API exposes the same domain and authentication checks the dashboard runs, so you can test servers from CI after DNS changes or audit every domain on a customer list. AI agents connect through the native MCP server with no glue code. Everything runs on the same pay-as-you-go credits, and results return as structured JSON you can alert on.

Verifox fox mascot questioning an ungraded email server

Find out what grade your email server earns

Sign up, point the test at your sending domain, and read the graded report in minutes. You start with 1,000 free credits, 2,500 if you sign up with a work email, no card required, and credits never expire. The same account verifies your list with the 9-point engine, so the server and the addresses get fixed together.

No card required · Credits never expire · SOC 2 Type II