Domain Health Check

What is a Domain Health Check?

A domain health check is a comprehensive audit that examines every critical aspect of your domain's configuration. Rather than checking individual records one at a time, it runs all essential tests in a single pass — DNS resolution, mail server availability, email authentication (SPF, DKIM, DMARC), SSL certificate validity, and blacklist status — then produces a single score that reflects your domain's overall health.

This is especially useful for domain administrators who need a quick overview, businesses preparing for email campaigns, or anyone troubleshooting deliverability issues. Instead of running five separate tools, you get a complete picture in one check.

How Scoring Works

Your domain is scored across 7 categories worth a total of 100 points:

• DNS Resolution (10 points) — Does the domain resolve to an IP address? Are A/AAAA records present and reachable?
• MX Records (15 points) — Are mail servers configured? Are they reachable and responding on SMTP port 25?
• SPF Record (15 points) — Is a valid SPF record published? Does it use a strict policy (-all or ~all)?
• DKIM Record (15 points) — Is DKIM configured with at least one valid selector found?
• DMARC Record (15 points) — Is a DMARC policy published? Is it set to quarantine or reject (not just monitoring)?
• SSL Certificate (20 points) — Is HTTPS working with a valid, non-expired certificate? This carries the highest weight because SSL affects both security and SEO.
• Blacklist Status (10 points) — Is the domain's IP address clean across major spam blacklists?

Letter grades are assigned based on total score: A (90-100), B (80-89), C (70-79), D (60-69), and F (below 60).

Improving Your Score

If your domain scored below an A, here are the most common fixes for each category:

• Missing SPF — Add a TXT record like v=spf1 include:_spf.yourprovider.com -all to your domain's DNS.
• Missing DKIM — Enable DKIM signing in your email provider's settings. They will provide a DNS record to publish.
• Missing or weak DMARC — Add a TXT record at _dmarc.yourdomain.com. Start with v=DMARC1; p=quarantine; rua=mailto:[email protected] and progress to p=reject once you are confident.
• SSL issues — Install or renew your SSL certificate. Free certificates from Let's Encrypt are available through most hosting providers. Ensure your site redirects HTTP to HTTPS.
• Blacklisted IP — Visit the specific blacklist's website to request delisting. Address the root cause (compromised account, open relay, or infected server) to prevent re-listing.
• No MX records — If you use email, ensure MX records point to your email provider's servers. If you do not use email on this domain, consider adding a null MX record to prevent abuse.

Why Domain Health Matters

Your domain's health directly impacts several critical areas. Email deliverability depends on proper SPF, DKIM, and DMARC configuration — without them, your emails are increasingly likely to be rejected or filtered as spam. Security is affected by SSL certificate status and blacklist reputation, which signal to visitors and partners whether your domain can be trusted. SEO rankings are influenced by SSL status, as search engines use HTTPS as a ranking signal. And your brand reputation is at risk if your domain lacks proper authentication, leaving it vulnerable to spoofing attacks.

Regular health checks help catch issues before they impact your business. We recommend running a health check after any DNS change, when switching email providers, or at least once a month as part of routine domain maintenance.