SPF vs DKIM vs DMARC: What MSPs Need to Know
MSPs get asked about SPF, DKIM, and DMARC constantly -- usually the week before a client's insurance renewal. Here's the practical breakdown: what each record does, what it doesn't do, how they work together through DMARC alignment, and how to audit your entire client base before an underwriter does.
We Scanned 73 Domains. 41% Failed DMARC.
Cyber insurers require DMARC on renewal applications. We scanned domains across the insurance and MSP security ecosystem. The results are worse than you'd expect.
We Scanned 29 Cyber Insurance Providers. Half Had Email Auth Gaps.
Cyber insurers require DMARC from their customers. We checked if they enforce it on their own domains. Many don't.
DMARC Check API: How MSPs Query Email Auth Records Programmatically
MxToolbox works for one domain at a time. Here's how to check DMARC, SPF, DKIM, SSL, and open ports programmatically across your entire client base — with working code.
Stay ahead of compliance risk
Get started with a free external attack surface scan. No credit card required.