How it works: The test works because the sending domains of these test emails are configured with email policies that instruct your receiving email server to reject the test emails. This test will determine if your receiving email servers enforce security policies that determine if an email is real or fake.

Graphic above: Diagnostic test emails E1-E10 are sent to your testing inbox. When email security is configured correctly the test email E1 is received to the inbox and test emails E2-E10 are rejected. E1 must be received to be considered a valid test.

What is does: The diagnostic test sends safe plain text, ordinary emails from a disallowed email sender. The test quickly and accurately determines if your email security can distinguish between real and fake email. This diagnostic testing provides a fully guided self-assessment with help to fix the issues and severity scoring is used to determine risk and posture based on real results. The resulting report card is often used to reduce cyber insurance costs or as "3rd Party Attestation" for B2B contracts.

Why its important: Email is the most abused mission-critical platform and is the main way "ransomware gangs" enter a business (called BEC attacks) Email misconfigurations can allow fraudulent email into the inbox, only needing to trick just ONE trusting user into launching ransomware. DNS and email servers are often misconfigured, patched, updated, or broken out of our control and without notice opening holes in email security, so it is important to test every day.

Email is mission critical: We recommend every business use this tool at least every week, on us for free! No credit card or signup, just real security testing that anyone can do. Try a test, if you like the tool please consider helping us to build improvements and new tools by buying a pass for unlimited testing and access to use the advanced tools. If you need support reach out and let us know. We also provide an Email Optimization Service where we secure and tune email security for you.