by BlckRhino
| Section | Check ID | Proof / Detail |
|---|---|---|
SPF helps receivers verify permitted sending servers.
Record:
⚠️ Multiple SPF Records Detected
RFC 7208 specifies that a domain MUST NOT have multiple SPF records. When multiple records exist, receiving mail servers may fail SPF validation entirely, causing legitimate email to be rejected or marked as spam. You should consolidate all SPF mechanisms into a single TXT record.
🚨 SPF Record Uses +all (Pass All)
The SPF record contains +all, which permits any server to send email on behalf of this domain. This completely negates SPF protection and also undermines DMARC enforcement, making the domain trivially spoofable. Replace +all with -all (hardfail) or at minimum ~all (softfail).
| Mechanism | Value | Type | Status |
|---|---|---|---|
DKIM uses cryptographic signatures to protect message integrity.
Record:
| Field | Value | Message | Status |
|---|---|---|---|
DMARC provides policy and authentication failure reporting configuration.
Record:
| Tag | Value | Status |
|---|---|---|
Spoofability grading assesses how easily this domain can be impersonated in email attacks, based on the combined strength of SPF, DKIM, and DMARC configurations.
| Factor | Value |
|---|---|
Grade 1–2: Domain is difficult to spoof — strong protections in place.
Grade 3–4: Moderate risk — some protections present but gaps exist.
Grade 5+: High spoofability — the domain is easy to impersonate.
This automated assessment (the "Report") is provided through Scout for informational cyber risk triage only. It does not constitute legal, regulatory, financial, tax, professional security advice, or a definitive compliance determination.
Source data is derived from publicly accessible DNS and related infrastructure lookups at the time of generation. Records may change at any time; no continuous monitoring is implied. Interpret results in context of broader security controls.
While reasonable care was taken to reduce inaccuracies, the Report is supplied strictly on an "as is" and "as available" basis. No warranties (express or implied) are made, including without limitation fitness for a particular purpose, reliability, completeness, merchantability, non‑infringement, or error‑free operation. Errors & Omissions Excepted (E & OE).
To the maximum extent permitted under applicable South African law, the operators of Scout, their directors, employees, contractors and affiliates disclaim liability for any loss, damage (including consequential or indirect), costs or claims arising from reliance on, distribution of, or decisions made using this Report. Statutory rights that cannot be excluded remain unaffected.
No deliberate processing of personal information (as defined under the Protection of Personal Information Act, 2013 – POPIA) is undertaken beyond transient technical queries. If you believe personal information appears here in error, please contact: help@certra.co.za.
Use of this Report signifies acceptance of this notice. If you do not agree, you must refrain from relying on or further distributing its contents.
Version: 2.0 | Generated: (UTC)