Email Score
pro/v1/score/emailCalculates a comprehensive email security score (0-100) based on SPF policy strength, DKIM key presence, DMARC enforcement level, MX record configuration, and email provider type. Returns a letter grade (A-F) with weighted breakdown of each component, grade description, and prioritized recommendations. Detects email provider type (enterprise, business, security gateway) from MX records for bonus scoring.
What It Does
Queries SPF, DKIM, DMARC, and MX records in parallel via Cloudflare DoH. Scores SPF based on record validity and policy mechanism (-all, ~all, ?all, +all). Scores DKIM based on key presence and estimated key strength (2048+ bit RSA or Ed25519 scores higher) across common selectors. Scores DMARC based on policy level (none/quarantine/reject), alignment, subdomain policy, and percentage coverage. Scores MX records for presence and backup redundancy. Detects email provider type and awards bonuses for enterprise (Google Workspace, Microsoft 365) or security gateway providers. Returns detected provider information, record presence flags (has_spf, has_dkim, has_dmarc, has_mx), weighted breakdown, and a letter grade.
Why It's Useful
Email security configuration directly impacts deliverability and phishing protection. A single composite score makes it easy to assess email security posture, compare domains, track improvements over time, and verify compliance with Google/Yahoo/Microsoft bulk sender requirements (2024-2025). Ideal for security dashboards, vendor risk assessments, and email deliverability troubleshooting.
Use Cases
Email Security Baseline
Establish email security baseline across all organization domains. Track progression from p=none to p=reject enforcement.
Track and report email security improvements to leadership with a single metric.
Vendor Risk Assessment
Evaluate vendor email security as part of due diligence process. Flag vendors with missing SPF, DKIM, or DMARC that could be impersonated for phishing.
Identify vendors with weak email security that could pose phishing risk to your organization.
Deliverability Troubleshooting
Diagnose why emails are landing in spam by checking email authentication score. Identify which components (SPF, DKIM, DMARC) are dragging down the overall score.
Improve email deliverability by addressing specific authentication gaps with prioritized recommendations.
Bulk Sender Compliance
Verify email authentication meets Google, Yahoo, and Microsoft requirements for domains sending 5,000+ emails/day before enforcement deadlines.
Prevent email rejection by ensuring compliance with bulk sender authentication mandates.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | The domain to score email security forExample: google.com |
Response Fields
| Field | Type | Description |
|---|---|---|
domain | string | The scored domain |
score | number | Composite email security score 0-100 |
grade | string | Letter grade A-F based on score |
gradeDescription | string | Human-readable grade description |
breakdown | object | Weighted component scores for SPF, DKIM, DMARC, MX, and provider |
records | object | Boolean flags for SPF, DKIM, DMARC, and MX record presence |
recommendations | array | Prioritized improvement actions ranked by impact |
componentCount | number | Number of components analyzed |
Code Examples
curl "https://api.edgedns.dev/v1/score/email" \
-H "Authorization: Bearer YOUR_API_KEY" \
-d "domain=google.com"const response = await fetch(
'https://api.edgedns.dev/v1/score/email?domain=google.com',
{
headers: {
'Authorization': 'Bearer YOUR_API_KEY'
}
}
);
const data = await response.json();
console.log(data);import requests
response = requests.get(
'https://api.edgedns.dev/v1/score/email',
headers={'Authorization': 'Bearer YOUR_API_KEY'},
params={
'domain': 'google.com'
}
)
data = response.json()
print(data)Read the full Email Score guide
Why it matters, real-world use cases, parameters, response fields, and how to call it from Claude, ChatGPT, or Gemini via MCP.
Read the guide →Related Endpoints
External References
Learn more about the standards and protocols behind this endpoint.