BetaSPFWise is in beta, and every feature is free until it ends. More information after you sign up.

Email Authentication Report for intel.com

A live look at how intel.com configures SPF, DKIM, DMARC, and transport security, with the grade explained.

A

intel.com

85 out of 100

Scanned: Jul 6, 2026, 1:13 PM

Why this score

The score starts at 100. Every issue below subtracts points based on how much it hurts your deliverability or lets someone spoof you.

Starting score
100
DMARCPolicy is p=none (monitoring only).
-15
Your score
85
  • SPF

    Pass
    • Ends with -all (hardfail).

      A hardfail tells receivers to reject any sender that is not listed. This is the strongest and recommended setting.

    • SPF is present and correctly configured.

      A single SPF record was found, it stays within the DNS lookup limit, and it ends with a strong all qualifier.

    DNS lookups3 / 10
    v=spf1 include:_spf.intel.com -all
    allQualifier
    -
  • DKIM

    Warning
    • No DKIM record found at common selectors.

      DKIM selectors cannot be listed from DNS, so we checked the widely used ones and found none for intel.com. Your mail may still sign with a custom selector, but if it does not, receivers cannot confirm your messages were not tampered with in transit.

      How to fix: Enable DKIM signing in your email provider, then publish the selector TXT record it gives you at <selector>._domainkey.intel.com.

    selectorsChecked
    47
    Read the DKIM guide
  • DMARC

    -15Warning
    • -15

      Policy is p=none (monitoring only).

      p=none collects reports but tells receivers to take no action on failing mail, so your domain can still be spoofed.

      How to fix: Once your reports show only legitimate senders passing, move to p=quarantine and then p=reject.

    • Aggregate reporting is enabled.

      A rua address is set, so you receive daily reports showing every source that sends as your domain.

    v=DMARC1;p=none;sp=none;fo=1;rua=mailto:dmarc.notification@intel.com
    policy
    none
    subdomainPolicy
    none
    pct
    100
    rua
    mailto:dmarc.notification@intel.com
    adkim
    r
    aspf
    r
    Read the DMARC guide
  • MX

    Pass
    • MX is configured (1 mail server(s)).

      Your domain has MX records and every listed mail server resolves to an IP address, so it can receive mail.

    mxHosts
    mgamail.eglb.intel.com (100)
    mxCount
    1
  • Blacklist

    Pass
    • Not on any checked blocklist.

      Your mail server IPs were not found on the public blocklists we checked. Reputation can change, so it is worth monitoring over time.

    ipsChecked
    198.175.65.17
    blocklists
    bl.spamcop.net, dnsbl.sorbs.net

Optional enhancements

Advanced, nice-to-have features. Setting these up (or not) does not change your grade.

  • DNSSEC

    Optional
    • DNSSEC is not enabled.

      DNSSEC is optional, but it protects against DNS spoofing by letting resolvers confirm your records are authentic. Most domains still do not use it.

      How to fix: If your DNS provider and registrar support it, enable DNSSEC to protect your domain from DNS tampering.

  • MTA-STS

    Optional
    • MTA-STS is not set up.

      MTA-STS is optional but recommended. It tells sending servers to require TLS when delivering mail to you, which blocks downgrade and man-in-the-middle attacks on your inbound mail.

      How to fix: Publish a _mta-sts TXT record and host a policy at https://mta-sts.<yourdomain>/.well-known/mta-sts.txt with mode enforce.

    Read the MTA-STS guide
  • TLS-RPT

    Optional
    • TLS reporting (TLS-RPT) is not set up.

      TLS-RPT is optional. It asks receivers to send you reports when TLS fails while delivering your mail, which is how you catch MTA-STS or certificate problems before they hurt delivery.

      How to fix: Publish a _smtp._tls TXT record with v=TLSRPTv1 and a rua address, for example rua=mailto:tlsrpt@yourdomain.

    Read the TLS-RPT guide
  • BIMI

    Optional
    • BIMI is not set up.

      BIMI is optional. It shows your logo next to your emails in supporting inboxes, but it needs an enforced DMARC policy and, for Gmail and Apple Mail, a Verified Mark Certificate (VMC).

      How to fix: With DMARC at quarantine or reject, publish a BIMI TXT record at default._bimi pointing to a square SVG logo, and add a VMC to display it in Gmail and Apple Mail.

    Read the BIMI guide

This report examines how intel.com configures email authentication across its public DNS records. For a technology company whose services reach millions of inboxes, the records that authorize senders and sign outgoing mail are the difference between a message that lands and one that is quietly dropped.

The checks behind the grade

The score above reflects the public DNS records for intel.com at the time of the scan. SPF declares which servers may send mail for the domain, DKIM signs each message so tampering can be detected, and DMARC combines both with a published policy. Additional transport-security records raise the grade by securing the delivery path between mail servers.

About this report

This report is generated from publicly available DNS records for intel.com and is provided for informational and educational purposes only. SPFWise is not affiliated with, endorsed by, or connected to the owner of intel.com. The records shown are the same ones any mail server can query, and the grade updates automatically as they change.

Want the same breakdown for your own domain? Run a free scan to get an identical grade along with the exact records to fix anything that is weak.

Check your own domain

Run a free scan and get your grade with the exact records to fix.

Scan a domain

Guides to fix common issues