Email Security Analysis of tutamail.com
Complete verification of tutamail.com's SPF, DKIM, DMARC, and MTA-STS records. Find out if this domain is protected against email spoofing.
Last updated: April 15, 2026
SPF
OKv=spf1 include:spf.tutanota.de -allDKIM
OKSelectors: s1, s2MX
OKmail.tutanota.deMTA-STS
OKv=STSv1; id=20190723;Recommendations
1Upgrade your DMARC policy from p=quarantine to p=reject for full blocking
With p=quarantine, spoofed emails are sent to spam instead of being blocked outright. Some recipients still check spam folders, and sophisticated attacks can be flagged as legitimate by users. p=reject ensures fraudulent emails never reach any folder.
2Add rua=mailto:dmarc@yourdomain to your DMARC to receive reports
Without DMARC reporting (rua=), you have no visibility into who is sending email on behalf of your domain. Aggregate reports let you detect spoofing attempts, identify misconfigured legitimate senders, and confidently tighten your policy over time.
Run a live analysis
The results above are updated daily. For an instant check of tutamail.com, run a live analysis.
Analyze tutamail.com liveGuides to understand these results
SPF Guide
Understand how SPF defines which servers are authorized to send emails for a domain.
DKIM Guide
Discover how DKIM cryptographically signs your emails to guarantee their authenticity.
DMARC Guide
Learn how DMARC orchestrates SPF and DKIM to protect your domain.
MTA-STS Guide
Learn how MTA-STS enforces TLS encryption to protect your emails in transit.
SPF vs DKIM vs DMARC
Compare the three protocols and understand how they work together.