Syntax Analyzer

1. Specify domain name

Enter a domain to be checked for the SPF record

2. Specify SPF record

Also enter an SPF record to be analyzed
3. Specify IP address (optional)
Enter any IP address to check if it is authorized to send e-mails by the SPF record

What is the SPF analyzer for?

With the SPF Analyzer you analyze a manually submitted SPF record of a domain for errors, security risks and authorized IP addresses. Optionally, you can specify an IP address to check if it is authorized to send e-mails on behalf of the domain. If you want to analyze an SPF record in real time from the DNS, use the SPF lookup.

Loading...

SPF check failed

Your SPF record check result
  •   SPF record found
  •   Syntax check: 1 Error
  •   Email Spoofing Protection: Poor
Warning: Compliance breach for email deliverability & security

The domain _spf.intacct.com does not fulfil the requirements for optimal deliverability to Google, Yahoo and other email service providers.

Mandatory IT baseline protection measures for email security are not fulfilled. There are risks of email misuse.

Summary of the SPF check

Does a valid SPF record exist?
An SPF record was found for the domain _spf.intacct.com.
The SPF record for _spf.intacct.com is not valid.
The syntax check resulted in a total of 1 errors.
of the email -Spoofing protection for this domain is not or not sufficiently provided.

Which IP-s are legitimate to send emails?
In total, 44 IP address(es) were authorized by the SPF record to send emails.

The SPF record analysis was performed on 08.11.2024 at 05:03:45 clock.

Lookup for the domain:
_spf.intacct.com
IP address to be checked:
no IP address specified

Have secure SPF record created by expert
from 749€

Order SPF record
  • 1. You send an email to our analysis system
  • 2. We will send you the finished SPF record
  • 3. You implement the SPF record
  • 4. We check the setup final
Have secure SPF record created by expert
from 749€

Evaluation for the domain _spf.intacct.com 

Nameserverset:
ns-112.awsdns-14.com
ns-777.awsdns-33.net
ns-1166.awsdns-17.org
ns-2010.awsdns-59.co.uk
ns10.digicertdns.com
ns11.digicertdns.com
Transferred SPF record:
Legitimated IP addresses:
IP Provider / ASN DNSBL-Check
4.7.16.128/26
LEVEL3 blacklist 
38.108.186.0/24
COGENT-174 blacklist 
199.87.209.0/24
SV3-AS-PRI blacklist 
4.53.200.128/26
LEVEL3 blacklist 
52.62.199.66 AMAZON-02 blacklist 
52.63.210.175 AMAZON-02 blacklist 
52.19.0.156 AMAZON-02 blacklist 
34.242.34.203 AMAZON-02 blacklist 
15.157.154.20 AMAZON-02 blacklist 
3.97.56.230 AMAZON-02 blacklist 
18.233.211.170 AMAZON-AES blacklist 
18.210.219.222 AMAZON-AES blacklist 
16.50.78.62 AMAZON-02 blacklist 
16.51.180.22 AMAZON-02 blacklist 
18.196.254.50 AMAZON-02 blacklist 
3.75.50.121 AMAZON-02 blacklist 
40.176.107.168 AMAZON-02 blacklist 
40.176.215.184 AMAZON-02 blacklist 
20.109.99.74 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
20.97.237.150 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
20.122.187.209 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
20.10.6.183 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
20.1.175.150 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
104.209.145.54 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
18.198.129.203 AMAZON-02 blacklist 
52.52.134.28 AMAZON-02 blacklist 
18.222.100.37 AMAZON-02 blacklist 
18.220.6.173 AMAZON-02 blacklist 
13.89.129.61 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
40.86.47.187 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
34.211.36.37 AMAZON-02 blacklist 
34.209.22.161 AMAZON-02 blacklist 
18.219.211.170 AMAZON-02 blacklist 
52.179.183.89 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
13.88.170.98 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
20.192.29.133 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
44.240.143.150 AMAZON-02 blacklist 
52.52.30.41 AMAZON-02 blacklist 
54.203.18.106 AMAZON-02 blacklist 
20.65.115.153 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
52.165.249.35 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
20.242.106.212 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
52.252.111.27 MICROSOFT-CORP-MSN-AS-BLOCK blacklist 
52.214.168.26 AMAZON-02 blacklist 
SPF-Syntax Check:
Analysis result of the SPF record for the domain: _spf.intacct.com

SPF record available?

We found an SPF record for the domain.

v=spf1

Additionally authorized IPv4 addresses

Explicit IPv4 addresses in the SPF record have been authorized to send

4.7.16.128/26
38.108.186.0/24
199.87.209.0/24
4.53.200.128/26
52.62.199.66
52.63.210.175
52.19.0.156
34.242.34.203
15.157.154.20
3.97.56.230
18.233.211.170
18.210.219.222
16.50.78.62
16.51.180.22
18.196.254.50
3.75.50.121
40.176.107.168
40.176.215.184
20.109.99.74
20.97.237.150
20.122.187.209
20.10.6.183
20.1.175.150
104.209.145.54
18.198.129.203
52.52.134.28
18.222.100.37
18.220.6.173
13.89.129.61
40.86.47.187
34.211.36.37
34.209.22.161
18.219.211.170
52.179.183.89
13.88.170.98
20.192.29.133
44.240.143.150
52.52.30.41
54.203.18.106
20.65.115.153
52.165.249.35
20.242.106.212
52.252.111.27
52.214.168.26

E-Mail handling

How should the checkHost() function of the e-mail server handle the e-mail? (syntax )

?all
Neutral (e-mails are expected to be accepted)

Unknown mechanisms

Unknown mechanisms were found in the SPF record





Will be forwarded to another SPF record?

There is no reference to any other SPF record

Are the server addresses allowed to send e-mails?

In the SPF entry the mechanism 'a' has not been set.

Additionally authorized A-records?

In addition to the A-Records stored in the DNS, we could not find any other records authorized in the SPF-Record.

Are the registered mail servers allowed to send e-mails?

In the SPF entry the mechanism 'mx' has not been set

Additionally authorized MX records

We could not find any other records authorized in the SPF record besides the MX records stored in the DNS

Additionally authorized IPv6 addresses

No explicit IPv6 addresses in the SPF record have been authorised to send

Additional external SPF records

We could not find any other records authorized in SPF-Record

How is the sender informed?

The exp mechanism acts as a return to the sender if the IP address was not authorized to send and notify them. None was found.

PTR (obsolete mechanism)

The ptr mechanism is deprecated, slow and insecure and should not be used

PTR:

The ptr mechanism is deprecated, slow and insecure and should not be used

Authorize IP addresses with markers

When SPF is evaluated, macros can specifically authorize Ip addresses based on the request or connection of the user or client (RFC7208 )

Receiver address

analysis.ra-missing

Amount of reports

analysis.rp-missing

Report selection

analysis.rr-missing

Recently performed SPF lookups

Server IP Address

We have determined the following IP address for the domain:

No domain specified

Reverse address

We have determined the following name for the server IP address:

No PTR record found

Free whitepaper

How secure is your domain?

  • Practical with many examples
  • the basics of domain risk management summarized in 20 pages
  • Checklist with 53 questions on 14 risk areas

Get a first impression of the risk potential in your company

⮩ Download "Domain Risk Management" for free
All offers are aimed at traders, not end consumers and do not include VAT.
© 2024 nicmanager.com.   All rights reserved.
nicmanager