mailcheck.app

Free SMTP server diagnostics

Test your mail server, live

Send a test email from the server you want to diagnose. We capture the SMTP session, verify SPF, DKIM, DMARC, ARC, and seven more checks — while you watch every command and reply stream in real time.

Protocol Full SMTP transcript Coverage 12 checks in one run Unique Live session control

How it works

Get a test address

We create a temporary inbox just for you. Copy the address and host shown on screen — it stays active for 10 minutes.

Send from your server

Send a test email from the server or application you want to diagnose. The SMTP session streams live as your server connects.

Read the full report

SPF, DKIM, DMARC, PTR, blocklists, spam scores and more — all verified against the actual message your server delivered.

What we check

Every check runs against the message your server actually delivered — no guesswork, no assumptions.

Authentication

SPF

Verifies that the connecting IP is authorised to send for the envelope domain.

Authentication

DKIM

Cryptographically re-verifies the signature against the public key in DNS — not just what the receiving server reported.

Authentication

DMARC

Checks alignment of SPF and DKIM results against the From domain and evaluates the published policy.

Authentication

ARC

Validates the Authenticated Received Chain — essential for diagnosing DMARC failures through forwarders and mailing lists.

Infrastructure

PTR / rDNS

Confirms the connecting IP has a reverse DNS record and that it forward-confirms (FCrDNS), then checks consistency with the HELO domain.

Infrastructure

List-Unsubscribe

Checks RFC 2369 compliance and one-click unsubscribe support per RFC 8058 — required by Gmail and Yahoo for bulk senders.

Reputation

IP Blocklists

Checks the connecting IP against multiple DNS-based blocklists (DNSBL).

Reputation

Domain Blocklists

Checks the sender's From domain against domain reputation lists (RHSBL) — an angle most tools miss.

Reputation

Domain Age

Looks up when the sender domain was registered. Newly-registered domains carry elevated spam risk.

Content

Rspamd

Submits the full message to Rspamd — the dominant filter in self-hosted mail stacks — and maps the score to a verdict.

Content

SpamAssassin

Runs the message through SpamAssassin alongside Rspamd, so you see both perspectives in one run.

Authentication

BIMI

Checks whether the sender's domain publishes a BIMI record and validates any attached Mark Certificate (VMC).

Authentication

SPF

Verifies that the connecting IP is authorised to send for the envelope domain.

Authentication

DKIM

Cryptographically re-verifies the signature against the public key in DNS — not just what the receiving server reported.

Authentication

DMARC

Checks alignment of SPF and DKIM results against the From domain and evaluates the published policy.

Authentication

ARC

Validates the Authenticated Received Chain — essential for diagnosing DMARC failures through forwarders and mailing lists.

Infrastructure

PTR / rDNS

Confirms the connecting IP has a reverse DNS record and that it forward-confirms (FCrDNS), then checks consistency with the HELO domain.

Infrastructure

List-Unsubscribe

Checks RFC 2369 compliance and one-click unsubscribe support per RFC 8058 — required by Gmail and Yahoo for bulk senders.

Reputation

IP Blocklists

Checks the connecting IP against multiple DNS-based blocklists (DNSBL).

Reputation

Domain Blocklists

Checks the sender's From domain against domain reputation lists (RHSBL) — an angle most tools miss.

Reputation

Domain Age

Looks up when the sender domain was registered. Newly-registered domains carry elevated spam risk.

Content

Rspamd

Submits the full message to Rspamd — the dominant filter in self-hosted mail stacks — and maps the score to a verdict.

Content

SpamAssassin

Runs the message through SpamAssassin alongside Rspamd, so you see both perspectives in one run.

Authentication

BIMI

Checks whether the sender's domain publishes a BIMI record and validates any attached Mark Certificate (VMC).

Authentication

SPF

Verifies that the connecting IP is authorised to send for the envelope domain.

Authentication

DKIM

Cryptographically re-verifies the signature against the public key in DNS — not just what the receiving server reported.

Authentication

DMARC

Checks alignment of SPF and DKIM results against the From domain and evaluates the published policy.

Authentication

ARC

Validates the Authenticated Received Chain — essential for diagnosing DMARC failures through forwarders and mailing lists.

Infrastructure

PTR / rDNS

Confirms the connecting IP has a reverse DNS record and that it forward-confirms (FCrDNS), then checks consistency with the HELO domain.

Infrastructure

List-Unsubscribe

Checks RFC 2369 compliance and one-click unsubscribe support per RFC 8058 — required by Gmail and Yahoo for bulk senders.

Reputation

IP Blocklists

Checks the connecting IP against multiple DNS-based blocklists (DNSBL).

Reputation

Domain Blocklists

Checks the sender's From domain against domain reputation lists (RHSBL) — an angle most tools miss.

Reputation

Domain Age

Looks up when the sender domain was registered. Newly-registered domains carry elevated spam risk.

Content

Rspamd

Submits the full message to Rspamd — the dominant filter in self-hosted mail stacks — and maps the score to a verdict.

Content

SpamAssassin

Runs the message through SpamAssassin alongside Rspamd, so you see both perspectives in one run.

Authentication

BIMI

Checks whether the sender's domain publishes a BIMI record and validates any attached Mark Certificate (VMC).

Authentication

SPF

Verifies that the connecting IP is authorised to send for the envelope domain.

Authentication

DKIM

Cryptographically re-verifies the signature against the public key in DNS — not just what the receiving server reported.

Authentication

DMARC

Checks alignment of SPF and DKIM results against the From domain and evaluates the published policy.

Authentication

ARC

Validates the Authenticated Received Chain — essential for diagnosing DMARC failures through forwarders and mailing lists.

Infrastructure

PTR / rDNS

Confirms the connecting IP has a reverse DNS record and that it forward-confirms (FCrDNS), then checks consistency with the HELO domain.

Infrastructure

List-Unsubscribe

Checks RFC 2369 compliance and one-click unsubscribe support per RFC 8058 — required by Gmail and Yahoo for bulk senders.

Reputation

IP Blocklists

Checks the connecting IP against multiple DNS-based blocklists (DNSBL).

Reputation

Domain Blocklists

Checks the sender's From domain against domain reputation lists (RHSBL) — an angle most tools miss.

Reputation

Domain Age

Looks up when the sender domain was registered. Newly-registered domains carry elevated spam risk.

Content

Rspamd

Submits the full message to Rspamd — the dominant filter in self-hosted mail stacks — and maps the score to a verdict.

Content

SpamAssassin

Runs the message through SpamAssassin alongside Rspamd, so you see both perspectives in one run.

Authentication

BIMI

Checks whether the sender's domain publishes a BIMI record and validates any attached Mark Certificate (VMC).

What makes us different

A few things worth knowing about how the tool works.

Live SMTP transcript

Every command and reply streams to your browser as it happens, syntax-highlighted and linked to the relevant check. See exactly what happened at the protocol level.

Live session control

Accept, reject, drop or tarpit the connection mid-session without touching your server config. Useful for testing how sending systems handle various server responses.

Two spam engines, one run

Rspamd and SpamAssassin both run against your delivered message, giving you two independent spam filter scores in a single test.

Shareable results

Every result gets a stable URL you can share or revisit later. Results are kept for 30 days.