Authentication Records Check for

stanford.edu

Instant checks for DMARC, SPF, and BIMI with clear, actionable guidance.

DMARC SPF BIMI

All data displayed is public and provided by the DNS system. Use of this website is subject to our Terms of Service.

Last checked about 18 hours ago

0 out of 100
Good

Domain Health Score

Your domain has basic email authentication in place. Consider strengthening your configuration for better protection.

SPF
Sender Policy Framework
22 / 30
DMARC
Domain-based Message Authentication
42 / 50
BIMI
Brand Indicators for Message Identification
0 / 20

Top Recommendation

+8

Upgrade DMARC policy to reject for stronger protection

DMARC improvement

0

DMARC Check Results

42 / 50 points

Score Breakdown

DMARC record published
+10
Syntax valid
+5
Quarantine policy
+12 / 20
Aggregate reporting (rua) configured and verified
+10
Forensic reporting (ruf) configured
+5

DMARC Check Passed: Properly Configured

DMARC record is valid and configured correctly.

_dmarc.stanford.edu TXT Entry:

v=DMARC1; p=quarantine; rua=mailto:[email protected]; ruf=mailto:[email protected];

Policy (p)

quarantine

DKIM Alignment (adkim)

Relaxed (default)

SPF Alignment (aspf)

Relaxed (default)

Reporting (RUA/RUF)

Aggregate Reports

Configured
[email protected]
External Domain Verification
[email protected]

Verification successful

Learn more about aggregate reports →

Forensic Reports

Configured
[email protected]
External Domain Verification
[email protected]

Verification successful

Learn more about forensic reports →

Add Our Monitoring System

You can add our monitoring system alongside your existing setup. DMARC supports multiple mailto: addresses, giving you additional visibility and backup reporting.

  • Automated DMARC report processing every 5 minutes
  • Track all sending sources and authentication results
  • Email alerts when your DNS records change
Get Started
0

BIMI Check (default selector)

0 / 20 points

Score Breakdown

BIMI record published (optional)
0 / 5

No BIMI Record Found

Publish a TXT record at default._bimi.stanford.edu with v=BIMI1, logo URL (l=) and optional verified mark certificate (a=).

Create BIMI Record for stanford.edu
0

SPF Record Check Results

22 / 30 points

Score Breakdown

SPF record published
+10
Syntax valid
+5
Neutral policy (?all)
+2 / 10
No configuration warnings
+5

SPF record is valid.

stanford.edu TXT SPF Entry:

v=spf1 ip4:171.67.219.64/27 ip4:171.67.224.0/28 ip4:171.67.43.137 ip4:171.67.43.138 ip4:171.67.43.139 ip4:171.67.43.140 ip4:171.67.43.141 include:_spf.google.com include:_spf.qualtrics.com include:icpbounce.com include:spf.protection.outlook.com ip4:148.163.149.245 ip4:148.163.153.235 ip4:148.163.135.119 ip4:148.163.139.119 ip4:67.231.149.169 ip4:67.231.157.125 ip4:67.231.152.67 ip4:208.84.65.155 ?all

Syntax Check

OK

DNS Lookup Count

7 / 10 max

Root-level mechanisms requiring DNS queries: 4.

Void Lookups

0 / 2 max

Default Policy

?all

Neutral: No policy statement about unauthorized servers

All Authorized IP Addresses

Grouped by DNS record source (includes and sub-includes)

stanford.edu (Root SPF Record)
171.67.219.64/27
171.67.224.0/28
171.67.43.137
171.67.43.138
171.67.43.139
171.67.43.140
171.67.43.141
148.163.149.245
148.163.153.235
148.163.135.119
148.163.139.119
67.231.149.169
67.231.157.125
67.231.152.67
208.84.65.155

This record also contains:

include:_spf.google.com - Google include:_spf.qualtrics.com include:icpbounce.com include:spf.protection.outlook.com - Microsoft 365
include:_spf.google.com | Google
74.125.0.0/16
209.85.128.0/17
2001:4860:4000::/36
2404:6800:4000::/36
2607:f8b0:4000::/36
2800:3f0:4000::/36
2a00:1450:4000::/36
2c0f:fb50:4000::/36
include:_spf.qualtrics.com
162.247.216.0/22
139.60.152.0/22
98.97.248.0/21
64.69.212.0/24
54.186.193.102/32
52.222.73.120/32
52.222.73.83
52.222.62.51
52.222.75.85
52.222.89.228
160.1.62.192
52.61.91.9
15.200.21.50
15.200.201.185
15.200.44.248
include:icpbounce.com
40.143.226.0/24
63.236.100.0/24
66.77.16.0/24
74.202.227.32/27
216.27.93.0/25
216.27.84.64/27
66.192.165.128/28
66.162.193.224/28
64.132.109.48/28
216.27.86.128/26
207.254.213.192/26
69.166.133.128/29
69.166.133.224/29
69.166.133.232/29
include:spf.protection.outlook.com | Microsoft 365
40.92.0.0/15
40.107.0.0/16
52.100.0.0/15
52.102.0.0/16
52.103.0.0/17
104.47.0.0/17
2a01:111:f400::/48
2a01:111:f403::/49
2a01:111:f403:8000::/51
2a01:111:f403:c000::/51
2a01:111:f403:f000::/52

DNS Lookup Details

1
include:
_spf.google.com | Google
Valid

SPF record found

Lookup cost: 0
Included by stanford.edu

TXT Record

v=spf1 ip4:74.125.0.0/16 ip4:209.85.128.0/17 ip6:2001:4860:4000::/36 ip6:2404:6800:4000::/36 ip6:2607:f8b0:4000::/36 ip6:2800:3f0:4000::/36 ip6:2a00:1450:4000::/36 ip6:2c0f:fb50:4000::/36 ~all

Processed recursively per RFC 7208

2
include:
_spf.qualtrics.com
Valid

SPF record found

Lookup cost: 0
Included by stanford.edu

TXT Record

v=spf1 ip4:162.247.216.0/22 ip4:139.60.152.0/22 ip4:98.97.248.0/21 ip4:64.69.212.0/24 ip4:54.186.193.102/32 ip4:52.222.73.120/32 ip4:52.222.73.83 ip4:52.222.62.51 ip4:52.222.75.85 ip4:52.222.89.228 ip4:160.1.62.192 ip4:52.61.91.9 ip4:15.200.21.50 ip4:15.200.201.185 ip4:15.200.44.248 -all

Processed recursively per RFC 7208

3
include:
icpbounce.com
Valid

SPF record found

Lookup cost: 2
Included by stanford.edu

TXT Record

v=spf1 ip4:40.143.226.0/24 ip4:63.236.100.0/24 ip4:66.77.16.0/24 ip4:74.202.227.32/27 ip4:216.27.93.0/25 ip4:216.27.84.64/27 ip4:66.192.165.128/28 ip4:66.162.193.224/28 ip4:64.132.109.48/28 ip4:216.27.86.128/26 ip4:207.254.213.192/26 ip4:69.166.133.128/29 ip4:69.166.133.224/29 ip4:69.166.133.232/29 a mx -all

Processed recursively per RFC 7208

4
a:
icpbounce.com
Resolved

A/AAAA records found: 2

2 records found
Lookup cost: 1
5
mx:
icpbounce.com
Resolved

MX records found: 1

Lookup cost: 2

MX Records:

bounces001.icpbounce.com (priority: 5) - A: 1, AAAA: 0
6
include:
spf.protection.outlook.com | Microsoft 365
Valid

SPF record found

Lookup cost: 0
Included by stanford.edu

TXT Record

v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/15 ip4:52.102.0.0/16 ip4:52.103.0.0/17 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/49 ip6:2a01:111:f403:8000::/51 ip6:2a01:111:f403:c000::/51 ip6:2a01:111:f403:f000::/52 -all

Processed recursively per RFC 7208

Know When Your DNS Records Change

The check you just ran shows your current configuration. But DNS records change, sometimes without you knowing. A well-meaning IT change, a third-party provider update, or an unauthorized modification can break your email delivery overnight.

Configuration Drift

IT changes that accidentally break authentication

Provider Updates

Third-party services changing their SPF includes

Unauthorized Changes

Attackers modifying records to send as you

DMARCTrust monitors your DNS records continuously. When something changes, you get an email alert with exactly what changed and why it matters. No more surprises when customers complain their emails bounced.

Start Monitoring

Check Another Domain

Run a free email authentication check (DMARC, SPF, BIMI).

We will generate a shareable URL for your domain.

Try popular examples: google.com, amazon.com, booking.com

Explore Other Domains

Discover how other organizations configure their email authentication

Popular Domains

Frequently checked

Well-Configured

Reject policy + valid SPF

Same Policy

Also using quarantine

Showing domains checked by our users. All data is from public DNS records.

About This Checker

What we check

We analyze your domain's email authentication: DMARC policy and alignment, SPF record and includes, and BIMI logo/CV when present.

Why it matters

Healthy authentication improves delivery and blocks spoofing. Major inbox providers increasingly require DMARC and robust SPF/DKIM practices for senders.

Included features

  • DMARC syntax, policy, and reporting validation
  • SPF record evaluation and include analysis
  • DKIM/SPF alignment interpretation
  • BIMI record and VMC detection
  • Clear setup and remediation guidance

Related Tools

Free DMARC Record Generator
State of DMARC: Top 100 Domains
Check Another Domain

Monitor Your Email Authentication 24/7

This check shows a snapshot. With DMARCTrust, you get continuous monitoring of your DMARC reports and DNS records, with instant alerts when something changes.

Start Monitoring Now View Plans