📋 Email DMARC Auditor — SPF/DKIM/DMARC Bulk Check

Pricing

Rating

Developer

Actor stats

Categories

Share

The email deliverability audit tool email consultants actually use.

Auditing one domain in MXToolbox is free. Auditing 100 domains costs $149/month on Bulk tier. Valimail Monitor starts at $500/mo. This actor audits 100 domains for ~$0.85 — one-shot, no subscription.

What it checks per domain

• SPF — parses v=spf1 record, counts mechanisms, flags 10-lookup overflow, returns includes/ip mechanisms/all-mode
• DMARC — parses _dmarc.<domain> TXT record, extracts policy (p=), subdomain policy (sp=), percentage (pct=), reporting addresses (rua/ruf), alignment modes (aspf/adkim)
• DKIM — probes 25 common selectors (default, google, selector1, selector2, mailgun, sendgrid, mandrill, etc.) and estimates key length
• MX — confirms domain accepts mail at all
• Deliverability score (0-100) — weighted composite
• Remediation actions — specific, ordered fixes (not generic advice)

Example

import requests
r = requests.post(
"https://api.apify.com/v2/acts/nexgendata~email-dmarc-auditor/run-sync-get-dataset-items?token="+ APIFY_TOKEN,
 json={"domains":["google.com","github.com","misconfigured-example.com"]}
)
for d in r.json():
print(f"{d['domain']} — score {d['deliverability_score']}")
print(f" SPF: {d['spf'].get('valid')} all-mode={d['spf'].get('all_mode')}")
 dmarc = d['dmarc']
print(f" DMARC: {dmarc.get('valid')} policy={dmarc.get('policy')} pct={dmarc.get('pct')}")
print(f" DKIM: {d['dkim']['found_count']} selectors found")
for action in d["remediation_actions"]:
print(f" → {action}")

Sample output:

google.com — score 95
 SPF: True all-mode=~all
 DMARC: True policy=reject pct=100
 DKIM: 3 selectors found
 → Email authentication looks healthy.
misconfigured-example.com — score 25
 SPF: True all-mode=+all
 DMARC: False policy=None pct=None
 DKIM: 0 selectors found
 → SPF 'all' qualifier is +all — any server can send as this domain. Change to -all or ~all.
 → Publish a DMARC record at _dmarc.misconfigured-example.com.
 → No DKIM selector found. Verify your ESP's DKIM selector and publish the record.

cURL

curl-X POST "https://api.apify.com/v2/acts/nexgendata~email-dmarc-auditor/run-sync-get-dataset-items?token=$APIFY_TOKEN"\
-H"Content-Type: application/json"\
-d'{"domains":["example.com"]}'

Common use cases

• Pre-sales audits (deliverability consultants) — scan prospect's domain list, generate compliance report
• M&A due diligence — audit email posture of acquisition target's domain portfolio
• Brand protection — bulk-audit domain variants you own for lookalike spoofing exposure
• DMARC rollout planning — find all your domains still at p=none before enforcement deadline
• RFP compliance — SOC 2 / ISO 27001 / HIPAA evidence collection for email authentication controls
• Google/Yahoo 2024 sender requirements — bulk-verify every domain meets the new requirements before you send

Pricing

• $0.01 per run (startup)
• $0.005 per domain audited

100 domains = $0.51. Same job on Valimail Monitor starts at $500/month.

FAQ

Q: Why probe DKIM selectors? Can't the actor just return the "real" DKIM? A: DKIM has no discovery mechanism — the selector is chosen by the sender, not the domain. The 25 selectors probed cover ~90% of real-world configurations (Google, Microsoft 365, Mailgun, SendGrid, Mandrill, Amazon SES, etc.). If yours is unusual, add it via the dkimSelectors input.

Q: How is the deliverability score computed? A: Weighted: MX present (10), SPF published (20), strong SPF all-mode (+10), DMARC published (20), DMARC enforcing (+15), DKIM found (15), DMARC reporting (+5). Penalties: weak DKIM key, SPF over 10 lookups, permissive SPF. Max 100.

Q: Can this detect DMARC report data (DMARC failure reports)? A: No — DMARC reports are sent by mail receivers to rua/ruf mailboxes. This actor tells you if those mailboxes are configured; parsing the reports themselves is out of scope.

Q: Can I plug this into a monitoring schedule? A: Yes. Schedule the actor daily via Apify schedules. Compare each run's deliverability_score to detect configuration regressions.

Related tools

• Email RBL Bulk Checker
• DNS Propagation Checker
• Email Verification Tool
• Company Email Finder

Try it

📋 Email DMARC Auditor on Apify

New to Apify? Get free platform credits.

💻 Code Example — Python

from apify_client import ApifyClient
client = ApifyClient("YOUR_APIFY_TOKEN")
run = client.actor("nexgendata/email-dmarc-auditor").call(run_input={
# Fill in the input shape from the actor's input_schema
})
for item in client.dataset(run["defaultDatasetId"]).iterate_items():
print(item)

🌐 Code Example — cURL

curl-X POST "https://api.apify.com/v2/acts/nexgendata~email-dmarc-auditor/run-sync-get-dataset-items?token=YOUR_TOKEN"\
-H"Content-Type: application/json"\
-d'{ /* input schema */ }'

❓ FAQ

Q: How do I get started? Sign up at apify.com, grab your API token from Settings → Integrations, and run the actor via the Apify console, API, Python SDK, or any integration (Zapier, Make.com, n8n).

Q: What's the typical cost per run? See the pricing section below. Most runs finish under $0.10 for typical batches.

Q: Is this actor maintained? Yes. NexGenData maintains 165+ Apify actors and ships updates regularly. Bug reports via the Apify console issues tab get responses within 24 hours.

Q: Can I use the output commercially? Yes — you own the output data. Check the target site's Terms of Service for any usage restrictions on the scraped content itself.

Q: How do I handle rate limits? Apify manages concurrency and retries automatically. For very large batches (10K+ items), run multiple smaller jobs in parallel instead of one mega-job for better reliability.

💰 Pricing

Pay-per-event pricing — you only pay for what you actually extract.

• Actor Start: $0.0001
• result: $0.0050

🔗 Related NexGenData Actors

• Hacker News Scraper
• Google Maps Lead Scraper
• SEC EDGAR Scraper

🚀 Apify Affiliate Program

New to Apify? Sign up with our referral link — you get free platform credits on signup, and you help fund the maintenance of this actor fleet.

📚 More From NexGenData

Explore the full catalog, tutorials, Gumroad data packs, and newsletter at thenextgennexus.com — the brand home for everything we ship.

• 📖 Tutorials & how-to guides
• 🗂️ Full actor catalog with usage examples
• 📦 Gumroad data packs (one-time purchases)
• 📬 Newsletter — monthly drops of new actors and revenue experiments

Built and maintained by NexGenData — 165+ actors covering scraping, enrichment, MCP servers, and automation. 🏠 Home: thenextgennexus.com

Why Email DMARC Auditor Beats MXToolbox, Valimail, dmarcian & EasyDMARC

Most teams pick this auditor because it is cheaper than MXToolbox's monthly tier (which limits domains anyway), has no per-domain license like dmarcian or Valimail, and bulk-audits hundreds of domains for a deliverability or M&A check in one run. A true drop-in alternative to MXToolbox + Valimail for one-off audits and continuous portfolio monitoring.

Related NexGenData Infrastructure & Email Actors

Browse the full NexGenData catalog of 260+ actors at https://apify.com/nexgendata?fpr=2ayu9b

Related NexGenData actors

Part of the 6. Cybersecurity & Domain Intelligence workflow. Related NexGenData actors:

• Wappalyzer Replacement — Tech Stack Detection API
• Tech Stack Detector — BuiltWith Alternative
• Bulk WHOIS Lookup — Domain Intelligence
• DNS Lookup — Bulk A, MX, CNAME & TXT Records
• SSL Certificate Checker — Bulk Expiry Monitor

Browse the full NexGenData storefront by workflow or the Cybersecurity & Domain Intelligence cluster guide.