The open email-authentication dataset.
Authex Atlas measures SPF, DKIM, DMARC, MTA-STS, TLS-RPT, and BIMI on every reachable domain. Open dataset. Free to browse.
Free. No signup.
Most domains are still spoofable.
The state of authentication is not what most assume. Even with Google and Yahoo's 2024 mandate, full enforcement remains the exception, not the rule.
Figures refreshed nightly. Last full snapshot 2026-05-06.
Where countries stand.
Atlas tracks enforcement across 189 countries. The ones below have full published research reports. The rest are browsable in the live dataset.
Scanned. Not self-reported.
Every record in Atlas is read directly from public DNS. Nobody submits their own posture. That makes the numbers honest, and comparable across countries, sectors, and time.
Public DNS only. SPF, DKIM selectors, DMARC, MTA-STS, TLS-RPT, and BIMI records read against authoritative resolvers.
Nightly refresh. Snapshots are retained so historical trends per country, sector, and provider stay queryable.
Seeded from registrar zone data and public domain corpora. Long-tail coverage grows with each Authex scan.
Each record is parsed and policy-evaluated, then scored with the same scanner that powers Authex Labs.
Only 15.6% of domains enforce DMARC.
Is yours one of them? Same engine that powers Atlas, run live against your domain. 30 seconds. No signup.
The full dataset is one click away.
Browse by country, sector, provider, or TLD. Or read the research built on top of it.
Free. No signup.