gitpod.io email security: SPF, DKIM & DMARC
Is gitpod.io spoofable? See gitpod.io's SPF, DKIM, DMARC and MTA-STS records and find out if this domain is protected against email spoofing.
Last updated: June 3, 2026
SPF
OKv=spf1 a mx include:_spf.google.com include:sendgrid.net include:mail.zendesk.com ~allDKIM
OKSelectors: google, s1, s2, zendesk1, zendesk2DMARC
OKv=DMARC1;p=reject;sp=reject;rua=mailto:dmarc@gitpod.io;ri=86400;MX
OKaspmx.l.google.com, alt2.aspmx.l.google.com, alt1.aspmx.l.google.com, aspmx3.googlemail.com, aspmx2.googlemail.comRecommendations
1Add MTA-STS to enforce TLS encryption for incoming emails
Without MTA-STS, an attacker performing a man-in-the-middle attack can downgrade the connection between mail servers to plaintext, intercepting emails in transit. MTA-STS tells sending servers to only deliver via TLS with a valid certificate, preventing downgrade attacks.
Run a live analysis
The results above are updated daily. For an instant check of gitpod.io, run a live analysis.
Analyze gitpod.io liveFrequently asked questions about gitpod.io
Is gitpod.io spoofable?
No. gitpod.io is protected against email spoofing with a robust configuration. Email security score: 90/100 (grade A).
Does gitpod.io have an SPF record?
Yes, gitpod.io publishes an SPF record (~all qualifier).
What is gitpod.io's DMARC record?
gitpod.io publishes a DMARC record (_dmarc.gitpod.io) with a p=reject policy.
Does gitpod.io use DKIM?
Yes, DKIM signatures were detected for gitpod.io.
Want to test another domain? Run a free email spoofing test.
Guides to understand these results
SPF Guide
Understand how SPF defines which servers are authorized to send emails for a domain.
DKIM Guide
Discover how DKIM cryptographically signs your emails to guarantee their authenticity.
DMARC Guide
Learn how DMARC orchestrates SPF and DKIM to protect your domain.
MTA-STS Guide
Learn how MTA-STS enforces TLS encryption to protect your emails in transit.
SPF vs DKIM vs DMARC
Compare the three protocols and understand how they work together.