cnet.com: 71% email security

0

DMARC Check Results

45 / 50 points

Score Breakdown

DMARC record published

+10

Syntax valid

+5

Reject policy (maximum protection)

+20

Aggregate reporting (rua) configured and verified

+10

Forensic reporting (ruf) not configured (optional)

0 / 5

DMARC Check Passed: Properly Configured

DMARC record is valid and configured correctly.

_dmarc.cnet.com TXT Entry:

v=DMARC1;p=reject;rua=mailto:[email protected];

Policy (p)

reject

DKIM Alignment (adkim)

Relaxed (default)

SPF Alignment (aspf)

Relaxed (default)

Reporting (RUA/RUF)

Aggregate Reports

Configured

[email protected]

External Domain Verification

[email protected]

Verification successful

Learn more about aggregate reports →

Forensic Reports

Not Configured

Learn more about forensic reports →

Add Our Monitoring System

You can add our monitoring system alongside your existing setup. DMARC supports multiple mailto: addresses, giving you additional visibility and backup reporting.

Automated DMARC report processing every 5 minutes
Clear insights and actionable recommendations
Track all sending sources and authentication results

Get Started

0

BIMI Check (default selector)

0 / 20 points

Score Breakdown

BIMI record published (optional)

0 / 5

No BIMI Record Found

Publish a TXT record at default._bimi.cnet.com with v=BIMI1, logo URL (l=) and optional verified mark certificate (a=).

Create BIMI Record for cnet.com

0

SPF Record Check Results

26 / 30 points

Score Breakdown

SPF record published

+10

Syntax valid

+5

Soft fail policy (~all)

+6 / 10

No configuration warnings

+5

SPF record is valid.

cnet.com TXT SPF Entry:

v=spf1 include:_spf.google.com include:_spf.salesforce.com include:spf.protection.outlook.com include:spf_c.oraclecloud.com ~all

Syntax Check

OK

DNS Lookup Count

7 / 10 max

Root-level mechanisms requiring DNS queries: 4.

Void Lookups

1 / 2 max

Default Policy

~all

Soft fail: Mark emails from unauthorized servers as suspicious but don't reject

All Authorized IP Addresses

Grouped by DNS record source (includes and sub-includes)

include:_spf.google.com | Google

74.125.0.0/16

209.85.128.0/17

2001:4860:4000::/36

2404:6800:4000::/36

2607:f8b0:4000::/36

2800:3f0:4000::/36

2a00:1450:4000::/36

2c0f:fb50:4000::/36

include:spf.protection.outlook.com | Microsoft 365

40.92.0.0/15

40.107.0.0/16

52.100.0.0/15

52.102.0.0/16

52.103.0.0/17

104.47.0.0/17

2a01:111:f400::/48

2a01:111:f403::/49

2a01:111:f403:8000::/51

2a01:111:f403:c000::/51

2a01:111:f403:f000::/52

include:spf_c.oraclecloud.com

147.154.59.192/26

147.154.123.119

170.52.3.228

192.29.143.169

159.112.165.64/26

192.29.42.231

129.149.37.192/26

158.178.219.192/26

158.179.11.192/26

170.52.4.253

147.154.14.34

81.208.187.192/26

204.216.114.64/26

158.180.181.192/26

158.179.135.64/26

79.72.112.64/26

64.181.146.64/26

This record also contains:

include:spf_s1.oraclecloud.com include:spf_s2.oraclecloud.com

include:spf_s1.oraclecloud.com

216.131.131.240/28

141.145.63.16/28

129.152.95.16/28

129.152.79.16/28

207.127.109.192/26

151.104.48.26

151.104.61.235

84.235.196.192/26

84.235.197.192/26

84.8.179.64/26

159.13.87.0/26

129.148.11.192/26

207.127.107.192/26

147.154.255.192/26

192.29.216.192/26

146.56.127.192/26

192.29.91.192/26

204.216.119.192/26

129.153.243.192/26

include:spf_s2.oraclecloud.com

147.154.189.192/26

141.145.79.16/28

129.148.219.192/26

129.157.31.16/28

207.211.139.192/26

155.248.28.128/26

155.248.119.192/26

155.248.115.192/26

129.149.63.192/26

192.29.172.192/26

207.127.72.64/26

192.29.207.192/26

192.29.232.192/26

192.29.137.192/26

204.216.127.192/26

192.29.178.192/26

129.149.22.192/26

79.72.22.64/26

79.72.39.64/26

DNS Lookup Details

1

include:
_spf.google.com | Google

Valid

SPF record found

Lookup cost: 0

Included by cnet.com

TXT Record

v=spf1 ip4:74.125.0.0/16 ip4:209.85.128.0/17 ip6:2001:4860:4000::/36 ip6:2404:6800:4000::/36 ip6:2607:f8b0:4000::/36 ip6:2800:3f0:4000::/36 ip6:2a00:1450:4000::/36 ip6:2c0f:fb50:4000::/36 ~all

Processed recursively per RFC 7208

2

include:
_spf.salesforce.com

Valid

SPF record found

Lookup cost: 1

Included by cnet.com

TXT Record

v=spf1 exists:%{i}._spf.mta.salesforce.com -all

Processed recursively per RFC 7208

3

exists:
%{i}._spf.mta.salesforce.com

Not exists

Domain does not exist

Lookup cost: 1

4

include:
spf.protection.outlook.com | Microsoft 365

Valid

SPF record found

Lookup cost: 0

Included by cnet.com

TXT Record

v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/15 ip4:52.102.0.0/16 ip4:52.103.0.0/17 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/49 ip6:2a01:111:f403:8000::/51 ip6:2a01:111:f403:c000::/51 ip6:2a01:111:f403:f000::/52 -all

Processed recursively per RFC 7208

5

include:
spf_c.oraclecloud.com

Valid

SPF record found

Lookup cost: 2

Included by cnet.com

TXT Record

v=spf1 ip4:147.154.59.192/26 ip4:147.154.123.119 include:spf_s1.oraclecloud.com include:spf_s2.oraclecloud.com ip4:170.52.3.228 ip4:192.29.143.169 ip4:159.112.165.64/26 ip4:192.29.42.231 ip4:129.149.37.192/26 ip4:158.178.219.192/26 ip4:158.179.11.192/26 ip4:170.52.4.253 ip4:147.154.14.34 ip4:81.208.187.192/26 ip4:204.216.114.64/26 ip4:158.180.181.192/26 ip4:158.179.135.64/26 ip4:79.72.112.64/26 ip4:64.181.146.64/26 -all

Processed recursively per RFC 7208

6

include:
spf_s1.oraclecloud.com

Valid

SPF record found

Lookup cost: 0

Included by spf_c.oraclecloud.com

TXT Record

v=spf1 ip4:216.131.131.240/28 ip4:141.145.63.16/28 ip4:129.152.95.16/28 ip4:129.152.79.16/28 ip4:207.127.109.192/26 ip4:151.104.48.26 ip4:151.104.61.235 ip4:84.235.196.192/26 ip4:84.235.197.192/26 ip4:84.8.179.64/26 ip4:159.13.87.0/26 ip4:129.148.11.192/26 ip4:207.127.107.192/26 ip4:147.154.255.192/26 ip4:192.29.216.192/26 ip4:146.56.127.192/26 ip4:192.29.91.192/26 ip4:204.216.119.192/26 ip4:129.153.243.192/26 -all

Processed recursively per RFC 7208

7

include:
spf_s2.oraclecloud.com

Valid

SPF record found

Lookup cost: 0

Included by spf_c.oraclecloud.com

TXT Record

v=spf1 ip4:147.154.189.192/26 ip4:141.145.79.16/28 ip4:129.148.219.192/26 ip4:129.157.31.16/28 ip4:207.211.139.192/26 ip4:155.248.28.128/26 ip4:155.248.119.192/26 ip4:155.248.115.192/26 ip4:129.149.63.192/26 ip4:192.29.172.192/26 ip4:207.127.72.64/26 ip4:192.29.207.192/26 ip4:192.29.232.192/26 ip4:192.29.137.192/26 ip4:204.216.127.192/26 ip4:192.29.178.192/26 ip4:129.149.22.192/26 ip4:79.72.22.64/26 ip4:79.72.39.64/26 -all

Processed recursively per RFC 7208

Email Security Configuration

How cnet.com configures email authentication

DMARC Domain Policy

Configured

v=DMARC1;p=reject;rua=mailto:[email protected];

p=reject DKIM: relaxed SPF: relaxed Reports enabled

SPF Sender Authorization

Configured

v=spf1 include:_spf.google.com include:_spf.salesforce.com include:spf.protection.outlook.com include:spf_c.oraclecloud.com ~all

~all 4 includes

BIMI Brand Indicator

Not set

No BIMI record configured for this domain

Change History

Monitoring started January 10, 2026

Configuration changes will appear here when detected

Check Another Domain

Run a free email authentication check (DMARC, SPF, BIMI).

We will generate a shareable URL for your domain.

Try popular examples: google.com, amazon.com, booking.com

Explore Other Domains

Discover how other organizations configure their email authentication

Popular Domains

Frequently checked

Well-Configured

Reject policy + valid SPF

Same Policy

Also using reject

Showing domains checked by our users. All data is from public DNS records.

About This Checker

What we check

We analyze your domain's email authentication: DMARC policy and alignment, SPF record and includes, and BIMI logo/CV when present.

Why it matters

Healthy authentication improves delivery and blocks spoofing. Major inbox providers increasingly require DMARC and robust SPF/DKIM practices for senders.

Included features

DMARC syntax, policy, and reporting validation
SPF record evaluation and include analysis
DKIM/SPF alignment interpretation
BIMI record and VMC detection
Clear setup and remediation guidance

Related Tools

Free DMARC Record Generator
State of DMARC: Top 100 Domains
Check Another Domain

Authentication Records Check for

Domain Health Score

Top Recommendation

DMARC Check Results

Score Breakdown

DMARC Check Passed: Properly Configured

_dmarc.cnet.com TXT Entry:

Reporting (RUA/RUF)

Aggregate Reports

External Domain Verification

Forensic Reports

Add Our Monitoring System

BIMI Check (default selector)

Score Breakdown

SPF Record Check Results

Score Breakdown

cnet.com TXT SPF Entry:

Default Policy

All Authorized IP Addresses

include:_spf.google.com | Google

include:spf.protection.outlook.com | Microsoft 365

include:spf_c.oraclecloud.com

include:spf_s1.oraclecloud.com

include:spf_s2.oraclecloud.com

DNS Lookup Details

include: _spf.google.com | Google

include: _spf.salesforce.com

exists: %{i}._spf.mta.salesforce.com

include: spf.protection.outlook.com | Microsoft 365

include: spf_c.oraclecloud.com

include: spf_s1.oraclecloud.com

include: spf_s2.oraclecloud.com

Email Security Configuration

Change History

Check Another Domain

Explore Other Domains

Popular Domains

Well-Configured

Same Policy

About This Checker

What we check

Why it matters

Included features

Related Tools

The Best Way to Monitor Your DMARC Performance

include:
_spf.google.com | Google

include:
_spf.salesforce.com

exists:
%{i}._spf.mta.salesforce.com

include:
spf.protection.outlook.com | Microsoft 365

include:
spf_c.oraclecloud.com

include:
spf_s1.oraclecloud.com

include:
spf_s2.oraclecloud.com