SPF Checker
Review SPF records for missing includes, lookup-limit risk, and sender authorization problems.
Free SPF checker
Read the small-business DMARC policy guide after reviewing SPF so email authentication moves as one program, not isolated DNS edits.
CHECK YOUR DOMAIN with the SPF checker, then Open related checker pages for DMARC, DKIM, and MX evidence so sender authorization is reviewed in context.
SCANNER-FIRST NEXT STEP: run the full Exposure Report after the SPF lookup so SPF, DMARC, TLS, and security-header posture are reviewed together.
Why this matters
Review SPF records for missing includes, lookup-limit risk, and sender authorization problems. The goal is not to create noise. The goal is to turn a visible security signal into a clear next action a business owner, MSP, or IT lead can understand.
What to check
- Confirm the public signal exists and is current.
- Record the evidence in a way another person can validate.
- Separate urgent exposure from normal hygiene work.
- Link the finding to a remediation guide, tool, or assessment.
Recommended workflow
- Run the check or read the assessment criteria.
- Save the visible evidence.
- Decide whether the finding affects email trust, web trust, identity, backup, or compliance evidence.
- Fix the highest-confidence issue first.
- Re-test and document the new result.
Output to keep
| Evidence | Why it matters | Owner | | --- | --- | --- | | Current public result | Establishes baseline | IT / MSP | | Recommended change | Shows next action | Technical owner | | Retest result | Proves closure | Reviewer |
FAQ
Is the spf checker free?
Yes. Breach Horizon content and public-surface checks are designed as free entry points. Some remediation links may be affiliate links and are disclosed.
Does this require internal access?
No. Tool pages are built around public-surface checks and educational guidance unless clearly stated otherwise.
Find the gaps attackers check first.
Start with a public-surface check, then use the guides and assessments to fix what matters.