SpoofCheck

accor.com email security: SPF, DKIM & DMARC

Is accor.com spoofable? See accor.com's SPF, DKIM, DMARC and MTA-STS records and find out if this domain is protected against email spoofing.

Last updated: June 3, 2026

73B
This domain is vulnerable to spoofing

SPF

OK
v=spf1 include:spf.tmes.trendmicro.com include:spf.mantrahotels.com include:oracle.accor.com include:amazonses.com include:et._spf.pardot.com include:ivvy.net ip4:134.119.228.36 ip4:149.72.203.251 ip4:149.72.218.167 ip4:198.37.147.116 ip4:198.37.147.117 ip4:198.37.147.137 ip4:198.37.147.154 ip4:65.123.29.0/24 ip4:195.137.181.32 ip4:202.79.215.81 ip4:222.73.37.184 ip4:213.42.47.253 ip4:62.192.13.116 ip4:142.131.15.249 ip4:185.43.105.124 ip4:13.36.232.245 ip4:13.37.131.223 ip4:209.61.151.0/24 ip4:166.78.68.0/22 ip4:198.61.254.0/23 ip4:192.237.158.0/23 ip4:23.253.182.0/23 ip4:104.130.96.0/28 ip4:146.20.113.0/24 ip4:146.20.191.0/24 ip4:159.135.224.0/20 ip4:69.72.32.0/20 ip4:104.130.122.0/23 ip4:146.20.112.0/26 ip4:161.38.192.0/20 ip4:143.55.224.0/21 ip4:143.55.232.0/22 ip4:159.112.240.0/20 ip4:198.244.48.0/20 ip4:204.220.168.0/21 ip4:204.220.176.0/20 ip4:141.193.32.0/23 ip4:159.135.140.80/29 ip4:159.135.132.128/25 ip4:161.38.204.0/22 ip4:87.253.232.0/21 ip4:185.189.236.0/22 ip4:185.211.120.0/22 ip4:185.250.236.0/22 ip4:143.55.236.0/22 ip4:198.244.60.0/22 ip4:204.220.160.0/21 -all

DKIM

OK
Selectors: mandrill, dkim, mail, zendesk1, zendesk2, cm

DMARC

Warning
v=DMARC1; p=none; rua=mailto:accor@dmarcrua.tmes.trendmicro.eu; ruf=mailto:accor@dmarcrua.tmes.trendmicro.eu
Read the guide

MX

OK
accor.in.tmes.trendmicro.eu

MTA-STS

Missing

No record found

Read the guide

Recommendations

  1. 1Change your DMARC policy from p=none to p=reject to block spoofing

    With p=none, your DMARC record only monitors — it doesn't actually block spoofed emails. Attackers can still send emails as your domain and they'll be delivered normally. Switching to p=reject instructs receiving servers to drop fraudulent messages before they reach the inbox.

  2. 2Add MTA-STS to enforce TLS encryption for incoming emails

    Without MTA-STS, an attacker performing a man-in-the-middle attack can downgrade the connection between mail servers to plaintext, intercepting emails in transit. MTA-STS tells sending servers to only deliver via TLS with a valid certificate, preventing downgrade attacks.

Need help securing your domain?

If you're not sure how to apply these fixes, get in touch and we'll help you out.

Contact us

Run a live analysis

The results above are updated daily. For an instant check of accor.com, run a live analysis.

Analyze accor.com live

Frequently asked questions about accor.com

Is accor.com spoofable?

Yes. accor.com does not enforce a strong DMARC policy, so attackers may be able to send emails that appear to come from accor.com. Email security score: 73/100 (grade B).

Does accor.com have an SPF record?

Yes, accor.com publishes an SPF record (-all qualifier).

What is accor.com's DMARC record?

accor.com publishes a DMARC record (_dmarc.accor.com) with a p=none policy.

Does accor.com use DKIM?

Yes, DKIM signatures were detected for accor.com.

Want to test another domain? Run a free email spoofing test.

Guides to understand these results

SPF Guide

Understand how SPF defines which servers are authorized to send emails for a domain.

DKIM Guide

Discover how DKIM cryptographically signs your emails to guarantee their authenticity.

DMARC Guide

Learn how DMARC orchestrates SPF and DKIM to protect your domain.

MTA-STS Guide

Learn how MTA-STS enforces TLS encryption to protect your emails in transit.

SPF vs DKIM vs DMARC

Compare the three protocols and understand how they work together.

Check other domains

hilton.commarriott.comflixbus.frtrainline.comgetaround.combolt.eu