This report examines how google.com configures email authentication across its public DNS records. For a technology company whose services reach millions of inboxes, the records that authorize senders and sign outgoing mail are the difference between a message that lands and one that is quietly dropped.
What this report checks
The grade above is derived directly from what google.com publishes in DNS, so it reflects the domain exactly as a receiving mail server sees it. SPF lists the servers allowed to send on the domain's behalf. DKIM adds a cryptographic signature that proves a message was not altered in transit. DMARC ties the two together and tells receivers what to do when a message fails both checks. Transport records such as MTA-STS and TLS-RPT add a further layer by protecting the connection itself.
About this report
This report is generated from publicly available DNS records for google.com and is provided for informational and educational purposes only. SPFWise is not affiliated with, endorsed by, or connected to the owner of google.com. The records shown are the same ones any mail server can query, and the grade updates automatically as they change.
Want the same breakdown for your own domain? Run a free scan to get an identical grade along with the exact records to fix anything that is weak.