SPF checker no longer requires an external API or reCAPTCHA. All checks run locally.<\/p>"},"ratings":[],"assets_icons":{"icon.svg":{"filename":"icon.svg","revision":3467565,"resolution":false,"location":"assets","locale":false}},"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.7.2"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3467547,"resolution":"1","location":"assets","locale":"","width":1253,"height":733}},"screenshots":{"1":"SPF Checker \u2014 record analysis with DNS lookup meter and tree view","2":"DMARC Checker \u2014 record analysis with policy insights","3":"BIMI Checker \u2014 record analysis with logo preview"}},"plugin_section":[],"plugin_tags":[256436,145801,229014,256437,145798],"plugin_category":[],"plugin_contributors":[256438],"plugin_business_model":[],"class_list":["post-283161","plugin","type-plugin","status-publish","hentry","plugin_tags-bimi","plugin_tags-dmarc","plugin_tags-email-authentication","plugin_tags-mta-sts","plugin_tags-spf","plugin_contributors-duocircle","plugin_committers-duocircle"],"banners":[],"icons":{"svg":"https:\/\/ps.w.org\/dmarcreport-domain-auth-checker\/assets\/icon.svg?rev=3467565","icon":"https:\/\/ps.w.org\/dmarcreport-domain-auth-checker\/assets\/icon.svg?rev=3467565","icon_2x":false,"generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/dmarcreport-domain-auth-checker\/assets\/screenshot-1.png?rev=3467547","caption":"SPF Checker \u2014 record analysis with DNS lookup meter and tree view"}],"raw_content":"\n
DMARCREPORT Domain Auth Checker lets you embed interactive email authentication record checkers on any WordPress page or post using a simple shortcode. All DNS lookups run locally through PHP's native Use the All checkers support the This plugin performs DNS lookups and, for the MTA-STS checker, an HTTPS request to the domain being analyzed. No data is sent to any third-party API or service operated by the plugin author.<\/p>\n\n When a user submits a domain for analysis, the plugin uses PHP's built-in DNS lookups are handled by your server's configured DNS resolver and are not routed through any external API.<\/p>\n\n The MTA-STS checker fetches the domain's MTA-STS policy file by making an HTTPS GET request to:\n https:\/\/mta-sts.{domain}\/.well-known\/mta-sts.txt<\/p>\n\n This request is sent to the web server of the domain being analyzed (not to a third-party service). It is made each time a user analyzes a domain using the MTA-STS checker. Only the HTTP request itself is sent \u2014 no additional user data, cookies, or tracking information is included.<\/p>\n\n Since this request goes directly to the analyzed domain's own web server, there is no third-party service provider with separate terms of use or privacy policy. The connection uses HTTPS with SSL verification enabled.<\/p>\n\n The plugin includes links to dmarcreport.com<\/a> and autospf.com<\/a> (services by the plugin author, DuoCircle). These appear as \"Powered by\" watermarks and pricing call-to-action buttons within the checker interface. They are standard hyperlinks that open in a new browser tab when clicked by the user \u2014 no data is sent to these sites automatically by the plugin.<\/p>\n\n The SPF, DMARC, TLS-RPT, and BIMI checkers perform DNS lookups only, using PHP's native Yes. Each shortcode instance is independent. You can have an SPF checker on one page and a DMARC checker on another.<\/p><\/dd>\n No built-in limit. Each check performs DNS lookups in real-time.<\/p><\/dd>\n\n<\/dl>\n\n\ndns_get_record()<\/code> function. The MTA-STS checker also fetches the domain's MTA-STS policy file over HTTPS (see External Services below).<\/p>\n\nSPF Checker<\/h4>\n\n
\n
DMARC Checker<\/h4>\n\n
\n
TLS-RPT Checker<\/h4>\n\n
\n
BIMI Checker<\/h4>\n\n
\n
MTA-STS Checker<\/h4>\n\n
\n
Common Features<\/h4>\n\n
\n
?domain=example.com<\/code><\/li>\nUsage<\/h3>\n\n
[dmarcreport_domain_auth_checker]<\/code> shortcode with the type<\/code> attribute:<\/p>\n\n\n
[dmarcreport_domain_auth_checker]<\/code> or [dmarcreport_domain_auth_checker type=\"spf\"]<\/code><\/li>\n[dmarcreport_domain_auth_checker type=\"dmarc\"]<\/code><\/li>\n[dmarcreport_domain_auth_checker type=\"tlsrpt\"]<\/code><\/li>\n[dmarcreport_domain_auth_checker type=\"bimi\"]<\/code><\/li>\n[dmarcreport_domain_auth_checker type=\"mta-sts\"]<\/code><\/li>\n<\/ul>\n\n?domain=example.com<\/code> URL parameter for deep linking and auto-analysis.<\/p>\n\nExternal services<\/h3>\n\n
DNS lookups<\/h4>\n\n
dns_get_record()<\/code> function to query DNS records directly from your WordPress server. The domain name entered by the user is sent as a standard DNS query. This happens each time a user clicks the analyze button for any checker (SPF, DMARC, TLS-RPT, BIMI, or MTA-STS).<\/p>\n\nMTA-STS policy file fetch<\/h4>\n\n
Outbound links<\/h4>\n\n
\n
\n
dmarcreport-domain-auth-checker<\/code> folder to \/wp-content\/plugins\/<\/code><\/li>\n[dmarcreport_domain_auth_checker]<\/code> to any page or post<\/li>\n<\/ol>\n\n\n\n
Does this plugin connect to any external service?<\/h3><\/dt>\n
dns_get_record()<\/code> function on your server. The MTA-STS checker additionally fetches the domain's MTA-STS policy file from https:\/\/mta-sts.{domain}\/.well-known\/mta-sts.txt<\/code> over HTTPS. No data is sent to any third-party API or tracking service.<\/p><\/dd>\nCan I use multiple checkers on different pages?<\/h3><\/dt>\n
What DNS records does each checker look up?<\/h3><\/dt>\n
\n
{domain}<\/code><\/li>\n_dmarc.{domain}<\/code><\/li>\n_smtp._tls.{domain}<\/code><\/li>\n{selector}._bimi.{domain}<\/code><\/li>\n_mta-sts.{domain}<\/code> and policy file at https:\/\/mta-sts.{domain}\/.well-known\/mta-sts.txt<\/code><\/li>\n<\/ul><\/dd>\nIs there a limit on how many domains can be checked?<\/h3><\/dt>\n
1.7.1<\/h4>\n\n
\n
1.7.0<\/h4>\n\n
\n
1.6.0<\/h4>\n\n
\n