Results for berkeleyprep.org
Analysis performed on April 15, 2026 at 02:49 PM
SPF
Warningv=spf1 ip4:207.200.14.7 ip4:172.109.214.122/29 ip4:142.190.150.192/27 ip4:198.37.147.129 ip4:23.83.218.247 include:spf.protection.outlook.com include:_spf.google.com include:docebosaas.com include:finalsiteconnect.com include:outboundmail.blackbaud.net ~allDKIM
OKSelectors: google, selector1, selector2, s1, s2DMARC
Warningv=DMARC1; p=quarantine; rua=mailto:b5ccf87ecb5747ce9698da68d9f8dd48@dmarc-reports.cloudflare.netMX
OKberkeleyprep-org.mail.protection.outlook.comRecommendations
1Upgrade your DMARC policy from p=quarantine to p=reject for full blocking
With p=quarantine, spoofed emails are sent to spam instead of being blocked outright. Some recipients still check spam folders, and sophisticated attacks can be flagged as legitimate by users. p=reject ensures fraudulent emails never reach any folder.
2Harden your SPF by replacing ~all with -all (hardfail)
With ~all (softfail), unauthorized senders are flagged but emails are usually still delivered. Switching to -all (hardfail) explicitly tells receiving servers to reject emails from unauthorized sources, providing much stronger protection against spoofing.
3Add MTA-STS to enforce TLS encryption for incoming emails
Without MTA-STS, an attacker performing a man-in-the-middle attack can downgrade the connection between mail servers to plaintext, intercepting emails in transit. MTA-STS tells sending servers to only deliver via TLS with a valid certificate, preventing downgrade attacks.
Badge for your website
Display your email security score on your website.
<a href="https://spoofchecker.online/en/email-security/berkeleyprep.org" target="_blank" rel="noopener"><img src="https://spoofchecker.online/api/badge/berkeleyprep.org?score=72&grade=B" alt="Email security score for berkeleyprep.org" height="28"></a>