SpoofCheck
🇫🇷Free email security analysis

Results for cloudflare.com

90A
This domain is protected against spoofing

SPF

OK
v=spf1 ip4:199.15.212.0/22 ip4:173.245.48.0/20 include:_spf.google.com include:spf1.mcsv.net include:spf.mandrillapp.com include:mail.zendesk.com include:stspg-customer.com include:_spf.salesforce.com -all

DKIM

OK
Selectors: k1, mandrill, s1, zendesk1, zendesk2

DMARC

OK
v=DMARC1; p=reject; pct=100; rua=mailto:rua@cloudflare.com,mailto:cloudflare@dmarc.area1reports.com; ruf=mailto:cloudflare@dmarc.area1reports.com

MX

OK
mxa-canary.global.inbound.cf-emailsecurity.net, mxb-canary.global.inbound.cf-emailsecurity.net, mxa.global.inbound.cf-emailsecurity.net, mxb.global.inbound.cf-emailsecurity.net

MTA-STS

Missing

No record found

Read the guide

Recommendations

  1. 1Add MTA-STS to enforce TLS encryption for incoming emails

    Without MTA-STS, an attacker performing a man-in-the-middle attack can downgrade the connection between mail servers to plaintext, intercepting emails in transit. MTA-STS tells sending servers to only deliver via TLS with a valid certificate, preventing downgrade attacks.

Check another domain

Badge for your website

Display your email security score on your website.

SpoofCheck badge for cloudflare.com
<a href="https://spoofchecker.online/en/email-security/cloudflare.com" target="_blank" rel="noopener"><img src="https://spoofchecker.online/api/badge/cloudflare.com?score=90&grade=A" alt="Email security score for cloudflare.com" height="28"></a>