SpoofCheck

Email Security Analysis of iwla.org

Complete verification of iwla.org's SPF, DKIM, DMARC, and MTA-STS records. Find out if this domain is protected against email spoofing.

Last updated: April 15, 2026

77B
This domain is protected against spoofing

SPF

Warning
v=spf1 a mx ip4:50.16.156.153 ip4:20.81.119.205 include:amazonses.com include:spf.protection.outlook.com include:mail.imismailcenter.com include:6338589.spf08.hubspotemail.net ~all
Read the guide

DKIM

OK
Selectors: selector1, selector2, s1, s2, cm

DMARC

Warning
v=DMARC1; p=quarantine; rua=mailto:86af488c@in.mailhardener.com; ruf=mailto:86af488c@in.mailhardener.com; fo=1
Read the guide

MX

OK
iwla-org.mail.protection.outlook.com

MTA-STS

Warning
v=STSv1; id=20190601000000Z
Read the guide

Recommendations

  1. 1Upgrade your DMARC policy from p=quarantine to p=reject for full blocking

    With p=quarantine, spoofed emails are sent to spam instead of being blocked outright. Some recipients still check spam folders, and sophisticated attacks can be flagged as legitimate by users. p=reject ensures fraudulent emails never reach any folder.

  2. 2Harden your SPF by replacing ~all with -all (hardfail)

    With ~all (softfail), unauthorized senders are flagged but emails are usually still delivered. Switching to -all (hardfail) explicitly tells receiving servers to reject emails from unauthorized sources, providing much stronger protection against spoofing.

  3. 3Switch your MTA-STS policy from testing to enforce mode

    In testing mode, MTA-STS only reports TLS failures without blocking delivery. Switching to enforce mode ensures that emails are only delivered over encrypted connections, providing real protection against interception.

Run a live analysis

The results above are updated daily. For an instant check of iwla.org, run a live analysis.

Analyze iwla.org live

Guides to understand these results

SPF Guide

Understand how SPF defines which servers are authorized to send emails for a domain.

DKIM Guide

Discover how DKIM cryptographically signs your emails to guarantee their authenticity.

DMARC Guide

Learn how DMARC orchestrates SPF and DKIM to protect your domain.

MTA-STS Guide

Learn how MTA-STS enforces TLS encryption to protect your emails in transit.

SPF vs DKIM vs DMARC

Compare the three protocols and understand how they work together.