SpoofCheck

opodo.fr email security: SPF, DKIM & DMARC

Is opodo.fr spoofable? See opodo.fr's SPF, DKIM, DMARC and MTA-STS records and find out if this domain is protected against email spoofing.

Last updated: June 3, 2026

50C
This domain is vulnerable to spoofing

SPF

Warning
v=spf1 include:spf-a.odigeo.com include:spf-b.odigeo.com include:u1941612.wl.sendgrid.net ip4:82.150.225.79 ip4:206.17.168.27 ip4:62.23.35.22 mx ?include:trustpilotservice.com ~all
Read the guide

DKIM

OK
Selectors: s1, s2

DMARC

Missing

No record found

Read the guide

MX

OK
alt1.aspmx.l.google.com, alt2.aspmx.l.google.com

MTA-STS

Missing

No record found

Read the guide

Recommendations

  1. 1Add a DMARC record: _dmarc.yourdomain TXT "v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:dmarc@yourdomain"

    Without DMARC, receiving mail servers have no way to know what to do when SPF or DKIM checks fail. Anyone can send emails pretending to be from your domain, and most servers will deliver them. DMARC with p=reject tells receivers to block unauthorized emails entirely.

  2. 2Harden your SPF by replacing ~all with -all (hardfail)

    With ~all (softfail), unauthorized senders are flagged but emails are usually still delivered. Switching to -all (hardfail) explicitly tells receiving servers to reject emails from unauthorized sources, providing much stronger protection against spoofing.

  3. 3Add MTA-STS to enforce TLS encryption for incoming emails

    Without MTA-STS, an attacker performing a man-in-the-middle attack can downgrade the connection between mail servers to plaintext, intercepting emails in transit. MTA-STS tells sending servers to only deliver via TLS with a valid certificate, preventing downgrade attacks.

Need help securing your domain?

If you're not sure how to apply these fixes, get in touch and we'll help you out.

Contact us

Run a live analysis

The results above are updated daily. For an instant check of opodo.fr, run a live analysis.

Analyze opodo.fr live

Frequently asked questions about opodo.fr

Is opodo.fr spoofable?

Yes. opodo.fr does not enforce a strong DMARC policy, so attackers may be able to send emails that appear to come from opodo.fr. Email security score: 50/100 (grade C).

Does opodo.fr have an SPF record?

Yes, opodo.fr publishes an SPF record (~all qualifier).

What is opodo.fr's DMARC record?

No DMARC record (_dmarc.opodo.fr) was found for opodo.fr.

Does opodo.fr use DKIM?

Yes, DKIM signatures were detected for opodo.fr.

Want to test another domain? Run a free email spoofing test.

Guides to understand these results

SPF Guide

Understand how SPF defines which servers are authorized to send emails for a domain.

DKIM Guide

Discover how DKIM cryptographically signs your emails to guarantee their authenticity.

DMARC Guide

Learn how DMARC orchestrates SPF and DKIM to protect your domain.

MTA-STS Guide

Learn how MTA-STS enforces TLS encryption to protect your emails in transit.

SPF vs DKIM vs DMARC

Compare the three protocols and understand how they work together.

Check other domains

transavia.comaccor.comhilton.commarriott.comflixbus.frtrainline.com