substack.com has excellent email authentication. All SPF, DKIM, and DMARC records are properly configured.
| SPF (Sender Policy Framework) | pass |
| DKIM (DomainKeys Identified Mail) | pass |
| DMARC (Domain-based Message Authentication) | pass |
| MX (Mail Exchange Records) | pass |
| Blacklist Status | pass |
v=spf1 include:_spf.google.com include:mailgun.org include:mail.zendesk.com ~all
v=DMARC1; p=reject; pct=100; rua=mailto:re+kvnosxqvppz@dmarc.postmarkapp.com; sp=reject; aspf=r;
No issues found. All email authentication records are properly configured.
Email authentication (SPF, DKIM, DMARC) verifies that emails claiming to be from substack.com actually come from authorized servers. Without proper authentication, emails may be marked as spam or rejected by receiving servers like Gmail, Outlook, and Yahoo.
Since February 2024, Google and Yahoo require SPF, DKIM, and DMARC for all email senders. Domains without these records see significantly higher spam rates.
Use our step-by-step setup guides to configure the missing records at your DNS provider. After making changes, re-scan substack.com to verify the fix.