Author: LaptopMarts.in
Published: July 2025

🔐 Why Email Authentication Matters

Email security is crucial in preventing phishing, spoofing, and unauthorised email usage. Three DNS-based technologies—SPF, DKIM, and DMARC—help protect your domain and build trust with email recipients.

In this quick guide, we’ll show you how to check these records for your domain using the terminal on Linux, macOS, or WSL on Windows.

🛠 Tools You’ll Use

• dig: DNS lookup tool to query TXT records.

• host: Lightweight alternative for DNS lookups.

✅ 1. Check DMARC Record

Run the following command:
#dig _dmarc.example.com TXT +short

You’ll see output like:
"v=DMARC1; p=none; rua=mailto:reports@example.com"
This tells you the DMARC policy for handling unauthenticated mail.

✅ 2. Check SPF Record
Check your domain’s SPF (Sender Policy Framework):
#dig example.com TXT +short

You’ll see output like:
"v=spf1 include:_spf.google.com ~all"
This specifies which servers are allowed to send mail for your domain.


✅ 3. Check DKIM Record
If you’re using Google Workspace, the default DKIM selector is google. Run:
dig google._domainkey.example.com TXT +short

You’ll see output like:
"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4..."


🧪 Bonus: Use host for Quick Checks

#host -t TXT example.com
#host -t TXT _dmarc.example.com
#host -t TXT google._domainkey.example.com
This shows all your domain's TXT records, helpful for troubleshooting or confirming updates.


 Pro Tip: DNS changes may take time to propagate—wait 15 minutes to 48 hours before rechecking.

🔐 Need Help Setting Up SPF, DKIM, or DMARC?
We at LaptopMarts.in offer domain-level email security setup,  and Gmail domain configuration help.
👉 Contact us to secure your email today!

💬 Final Words
Knowing how to check SPF, DKIM, and DMARC records gives you control over your domain’s security and email deliverability. These simple commands can save your brand from costly email attacks.
Stay secure. Stay smart. Stay ahead—with LaptopMarts.