About Email Posture

Email Posture tells you, in plain English, whether someone can send email pretending to be your domain — and warns you the moment that protection slips.

The problem we solve

Email is the number-one way attackers reach your customers and staff. If a domain isn't properly protected with SPF, DKIM, and an enforced DMARC policy, anyone can send messages that look exactly like they came from it — the foundation of phishing and business-email-compromise fraud. The records that prevent this are public, but they're technical, easy to misconfigure, and silently drift over time as new tools and vendors get added.

What we do

Our free checker reads your domain's public DNS records and grades them A–F, with a clear explanation of every finding and the exact steps to fix anything exposed — no jargon required. For domains you control, paid monitoring re-checks your posture every day and emails you the instant something regresses, so a quiet DNS change never leaves you exposed for weeks.

How we keep it trustworthy

• Read-only.We only query public DNS records. We never connect to your mail servers, send test mail, or touch anything you haven't published openly.
• Proof of control for monitoring.Continuous monitoring only activates after you confirm your email and prove you control the domain via a DNS challenge — so the service can't be used to surveil domains you don't own.
• Minimal data.One-off checks aren't tied to your identity. We store only what monitoring needs, and you can delete it anytime. Payments are handled by Stripe — we never see your card details.

Who runs it

Email Posture is an independent software service operated from Florida, United States. Questions, feedback, or press: support@emailposture.com. Security reports: see our security page.