● Advanced plan feature

Stop attackers spoofing your email domain.

Mail Check monitors your email security records - SPF, DKIM, DMARC and MTA-STS - and gives you clear, plain-English guidance when something is misconfigured. Filling the gap left by the NCSC retiring their free Mail Check service.

Get Started All Features

Mail Checkcyberoverview.co.uk

✅SPF RecordConfigured

❌DMARC PolicyMissing

⚠️DKIM SigningPartial

⚠️MTA-STS PolicyNot set

Recommended action

⚠ DMARC policy not found

Without DMARC, anyone can send emails that appear to come from your domain. This is one of the most common methods used in phishing attacks against organisations' staff and contacts.

How to fix this →

What Mail Check monitors

Four email security checks. Massive impact on your email security.

SPF, DKIM, DMARC and MTA-STS are DNS records that control how your email is authenticated. When correctly configured, they make it dramatically harder for attackers to send fraudulent emails that appear to come from your domain.

SPF (Sender Policy Framework)

Specifies which mail servers are authorised to send email on behalf of your domain. Without SPF, anyone can claim to send email from your address.

DNS TXT record · Usually straightforward to configure

DKIM (DomainKeys Identified Mail)

Adds a digital signature to outgoing emails that receiving servers can verify. Proves that email genuinely came from your domain and hasn't been tampered with in transit.

DNS TXT record · Requires configuration in your email platform

DMARC (Domain-based Message Authentication)

Builds on SPF and DKIM to tell receiving servers what to do when authentication fails - reject, quarantine, or monitor. The most powerful of the four email security checks.

DNS TXT record · Requires SPF and DKIM to be in place first

MTA-STS (Mail Transfer Agent Strict Transport Security)

Enforces encrypted connections between mail servers when delivering email to your domain, preventing interception in transit. Less widely adopted than DMARC but increasingly relevant as a defence in depth measure.

Requires a policy file hosted on your domain · Works alongside DMARC

🇬🇧 Filling the gap left by the NCSC

The NCSC (National Cyber Security Centre) previously offered a free Mail Check service that helped UK public sector and charity organisations monitor their email security records. That service was retired in 2024. Cyber Assure's Mail Check fills that gap - providing ongoing monitoring and clear guidance for any UK organisation, available on the Advanced plan.

How it works

Monitor continuously. Fix issues with plain-English guidance.

🔎

Continuous monitoring

Mail Check runs regular scans of your domain's DNS records and alerts you if anything changes or falls out of configuration - not just a one-time check.

📝

Plain-English explanations

Every finding comes with a clear explanation of what it means, why it matters, and step-by-step guidance on how to fix it - no DNS expertise required.

🏠

Multiple domains supported

If your organisation uses more than one email domain, Cyber Assure monitors all of them and surfaces issues across your whole domain portfolio.

📤

Alerts when things change

DNS records can be changed accidentally. Mail Check detects unexpected changes and alerts you immediately so you can investigate.

Why email security matters

🔎

Phishing and impersonation

Attackers send convincing emails from your domain to your staff, donors, clients, or pupils - tricking them into divulging credentials or making payments.

💰

Invoice and payment fraud

Business email compromise using spoofed domains is one of the most financially damaging cyber crimes affecting UK organisations.

📋

Reputational damage

If attackers use your domain to send spam or phishing emails at scale, your domain can be blacklisted - affecting the deliverability of your legitimate emails.