Email Security
Prevent email impersonation before it reaches a patient's inbox
SPF, DKIM, DMARC, MTA-STS, and TLS-RPT verified against a live baseline. Misalignment surfaced before it becomes a spoofed patient statement.
- Continuous SPF / DKIM / DMARC verification with alerts on record changes.
- MTA-STS and TLS-RPT monitoring to confirm inbound mail stays encrypted.
- Impersonation attempt intelligence from public sender reputation feeds.
Monitoring/Email Monitoring
Re-checkGoogle WorkspaceBAA signed
MX → aspmx.l.google.com
Passing
2
Warnings
2
Failing
1
Total
5
Authentication checks
- Pass
SPF record
v=spf1 include:_spf.google.com ~all
- Pass
DKIM signing
2048-bit key, rotated 2025-10
- Fail
DMARC policy
p=none — no enforcement
- Needs attention
MTA-STS
Policy file missing
- Needs attention
TLS-RPT
Not configured
Other surfaces we watch
The other surfaces in your monthly evidence report.
Pro tier covers all surfaces. Core covers Website + Email and upgrades anytime.
Protection starts at sign-up. Zero input from IT.
About sixty seconds to onboard. Continuous monitoring begins the moment you activate a plan.