What we verify

Email spoofing protection

Criminals do not need to hack your website to abuse your brand. Without the right DNS records, anyone can send email that appears to come from your domain, and your customers are the ones who get burned.

TrustedOrigin verifies the records that stop this: SPF, DMARC, DNSSEC and CAA. Each is checked on every cycle and combined into an email-security score your visitors can inspect.

4 records
verified per cycle
2x/week
check frequency
0-10
visible trust score

What this check covers

SPF

The Sender Policy Framework record lists the servers allowed to send email for your domain, so receiving mail servers can reject forgeries.

DMARC

DMARC tells the world what to do with email that fails authentication and gives you reporting, making brand impersonation dramatically harder.

DNSSEC

DNSSEC cryptographically signs your DNS answers, protecting visitors from being silently redirected to an attacker's server.

CAA

A CAA record restricts which certificate authorities may issue certificates for your domain, closing off a whole class of impersonation attacks.

What your visitors see

The verification panel shows an "Email Security" certification with the status of each record, so visitors can see the business actively protects them from spoofed email sent in its name.

Every result carries a date, so visitors can see the check is recent, and if a serious issue is ever found the badge is removed automatically until it is resolved.

Ready to earn your badge?

One script tag, one plan, every check included. Live on your site in minutes.

Get your badge See all checks