Investigate is a free tool that checks if your DMARC, DKIM, SPF, and other important email security protocols are set up correctly. If it discovers that anything is broken or misconfigured, it will provide actionable steps and guidance for you to resolve any issues.

Simply put, anyone! Investigate is useful for those who are just curious about their email setup and want to learn more, as well as businesses who are actively working on projects to improve their email configuration. This is because the tool provides an easy-to-digest overview of your evolving setup in an instant. 

Without a tool like Investigate, you would have to wait up to 24 hours for a DMARC report to arrive that would show you if the changes you made had the desired outcome. This is a time-consuming and tedious process. Speed is of the essence for businesses working on email security projects such as DMARC, as the faster they can secure their email, the better. The instant visibility Investigate provides drastically reduces the time needed to check up on your evolving setup and speeds up the time needed until full protection is reached.

This version of Investigate is a free tool that we provide for businesses to quickly check their email configuration. It is based on the full Investigate feature that is included inside Red Sift’s OnDMARC application that protects business email. 

Investigate checks DMARC, SPF, DKIM, FCrDNS, TLS, BIMI, and MTA-STS. Whilst each security protocol has a specific mission, the more boxes you tick for your email, the lower the risk to both you and those that you communicate with. Think of it as a security scorecard for your domain. With Investigate’s speedy checks, you can confidently achieve full marks and get to full protection (p=reject) faster.

See the following FAQs for a definition of each protocol that Investigate checks and validates.

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a standard that stops bad actors from using your domain to send emails without your permission. Without a DMARC record in place, anyone can impersonate your domain and use it to potentially launch phishing attacks.

SPF (Sender Policy Framework) validates that your server is authorized to send emails on behalf of the domain it claims to be sent from so the recipient knows you are who you say you are.

DKIM (Domain Keys Identified Mail) is a signal for the receiving inbox that your email is digitally signed by the domain it came from, confirming that the email content has not been tampered with along the way.

This is a strong indicator of your deliverability. If not set up properly, emails are more likely to end up in spam.

This signal verifies that the contents of your email can’t easily be snooped on by people who are not your intended recipients.

A signal that displays validated trademarked logos for all DMARC authenticated emails.

This is a standard that enables the encryption of messages being sent between two mail servers.

Investigate is only able to provide an overview of your email setup if you agree to send a test email to its unique inbox. This is because Investigate needs to test your specific email-sending service and its authenticity by checking email sending and receiving infrastructure and the email message encryption status.

If it were to carry out a static evaluation based only on your domain name, Investigate would not be able to produce the same results as the domain might be sending from Marketo, Gmail, SFDC, or Outlook.

Just scroll back to the top of this page, copy and paste the unique email address we provide, and send it an email from the sending service you wish to check. In just a few seconds, we’ll provide a full breakdown of your email setup and will also email you a copy of your results.

If Investigate detects errors in your email configuration, it will provide guidance on how to fix these. However, should you need any further assistance with this, Red Sift is here to help you! Just reach out to us and we’ll be happy to help you.