Pinglyra
Features

See which client domains are wide open to email spoofing

Continuous SPF and DMARC checks that reveal which domains can be impersonated and which are protected.

Run a free scan Start free
Quick answer

What is email security monitoring for SPF and DMARC?

Email security monitoring checks a domain's SPF and DMARC records to confirm it's protected against spoofing and that legitimate mail is authenticated. SiteGuard Monitor evaluates these records across all client domains, flags missing or weak policies, and reports the risk, helping prevent impersonation and protect email deliverability.

Most domains have no real protection against email spoofing, and their owners have no idea. Without proper SPF and DMARC, anyone can send mail that looks like it came from your client. SiteGuard Monitor checks these records across every domain and shows you exactly where the gaps are.

The problem: spoofable domains are everywhere

SPF and DMARC are invisible until something goes wrong. A domain without them can be impersonated in phishing attacks, and legitimate mail can land in spam. Clients rarely know their status, and agencies rarely have time to audit it by hand.

How SiteGuard solves it

SiteGuard reads each domain's email-authentication records and grades them, showing in plain language whether a domain is protected, partially protected, or wide open. It's an instant audit you can run across your whole client base.

  • SPF record presence and validity
  • DMARC policy detection and strength
  • Plain-language pass/fail per domain
  • Continuous re-checks with change alerts

What gets checked

SiteGuard inspects the published DNS records that govern who can send mail as a domain and what happens to messages that fail authentication.

  • SPF record existence and syntax
  • DMARC record presence and policy (none, quarantine, reject)
  • Alignment between configured email security and DNS
  • Changes over time, with alerts when records shift

Example workflow

Run a scan and immediately see which domains need attention.

  • Add the client domain to your dashboard
  • Scan to grade current SPF and DMARC posture
  • Get alerts if records change or weaken
  • Show the email-security status in the monthly report

Why agencies use it

Email security is an easy, high-impact upsell. Showing a client their domain is spoofable is a concrete reason to act, and fixing it is a billable win that protects their brand and their deliverability.

  • Turn invisible risk into a clear client conversation
  • Create natural upsell and remediation work
  • Protect clients from impersonation and phishing
  • Improve legitimate email deliverability

Safe, passive checks

SiteGuard reads the SPF and DMARC records that are already published in public DNS. There's no mail sending, no probing, and no impact on the domain, just a read-only assessment of what's configured.

Frequently asked questions

What's the difference between SPF and DMARC?
SPF lists which servers are allowed to send mail for a domain. DMARC builds on SPF (and DKIM) to tell receiving servers what to do with mail that fails authentication and can request reporting. Both are needed for strong anti-spoofing protection.
Does SiteGuard tell me how strong a DMARC policy is?
Yes. SiteGuard detects whether DMARC is present and reports its policy level, distinguishing a monitoring-only "none" policy from enforcing "quarantine" or "reject" policies, so you can see whether a domain is actually protected.
Will I be alerted if email security records change?
Yes. SiteGuard re-checks SPF and DMARC over time and alerts you via email and Discord if records change or weaken, so an accidental edit doesn't quietly leave a domain exposed.
Can SiteGuard fix SPF or DMARC for me?
No. SiteGuard identifies and reports the gaps so you know exactly what to fix, but changes are made in the domain's DNS by you or your client. The monitoring makes the problem and the fix obvious.
Is email security included in client reports?
Yes. SPF and DMARC status feeds the 0-100 risk score and appears in the branded monthly reports, giving clients a clear view of their spoofing protection alongside uptime, SSL, and DNS.
Does checking SPF and DMARC send any email?
No. The checks are passive DNS lookups of records that are already public. No mail is sent and nothing touches the domain's mail flow, so there's zero risk to deliverability.

Related

DMARC checker tool →SPF checker tool →DNS monitoring →Security headers →Website risk reports for clients →Features overview →

Start monitoring in minutes

Run a free scan, then turn it into 24/7 monitoring with branded client reports — under your brand.

Run a free scan Start free trial