Certra Domain Assessment Documentation

Overview

Certra Domain Assessment assesses a domain's email security posture and converts disparate data points into a concise risk snapshot in an easy-to-understand interface. Quickly identify potential email stability issues and address the configurations that let you better protect your brand, and those who trust it, against cyber-enabled fraud.

Designed for low friction: Enter a domain and receive a unified view of SPF / DKIM / DMARC / PTR plus lightweight infrastructure context. No account needed.

  • Unified risk score (0–100%) plus a concise /10 badge for quick review.
  • Per-record validation with targeted explanations and remediation cues.
  • Infrastructure context: shared vs dedicated classification and provider trust indicators.
  • Detection of duplicate include: mechanisms to reduce SPF lookup pressure.
  • Simple JSON API for automation and monitoring workflows.

Quick Start

  1. Enter a domain (e.g., example.org).
  2. Review the score and gradient bar for an initial posture assessment.
  3. Expand SPF / DKIM / DMARC panels to view pass / fail details with supporting evidence.
  4. Address red (critical) findings first, then amber warnings (lookup usage, weak policies, etc.).
  5. Allow DNS to propagate, then re-run the assessment to verify remediation.

Need guidance? Trying to solve a specific security-related problem? Maybe you're trying to tackle malicious fraud-related spoofing? We can assist! help@certra.co.za

Core Concepts

Risk Scoring

The score combines record correctness, policy strictness, structural health (lookup count, duplication), and infrastructure hygiene context. A higher score indicates reduced residual risk and more stable deliverability.

  • 90–100: Strong posture—maintain monitoring and incremental hardening.
  • 70–89: Functional baseline—prioritize closing enforcement and efficiency gaps.
  • <70: Elevated exposure—resolve fundamental misconfigurations promptly.

Section Status

Each section exposes a status: Green indicates configuration is sound; Red signals material defects. Amber highlights transitional or capacity conditions (e.g., nearing the SPF 10 lookup threshold).
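How lookup count and duplicate include: mechanisms can feed a section status, as an added example (not Certra's code). The TXT records are constructed, and the amber threshold of 8 and the status mapping are assumptions, since the page states only the hard limit of 10.

```python
import re

# Constructed TXT records standing in for live DNS answers (hypothetical names).
SAMPLE_TXT = {
    "example.org": "v=spf1 mx include:_spf.mail.example include:_spf.crm.example "
                   "include:_spf.mail.example -all",
    "_spf.mail.example": "v=spf1 ip4:192.0.2.0/24 include:_spf.shared.example ~all",
    "_spf.crm.example": "v=spf1 a include:_spf.shared.example ~all",
    "_spf.shared.example": "v=spf1 ip4:198.51.100.0/24 ~all",
}
LOOKUP_LIMIT = 10  # hard SPF limit named in the glossary
AMBER_AT = 8       # assumed "nearing the limit" threshold; the page gives none
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}  # RFC 7208


def audit_spf(domain, txt=SAMPLE_TXT):
    """Count lookup-consuming terms across the include tree and list repeats."""
    lookups = 0
    seen, repeated = set(), set()

    def walk(name, depth):
        nonlocal lookups
        record = txt.get(name, "")
        if depth > LOOKUP_LIMIT or not record.lower().startswith("v=spf1"):
            return  # missing record, non-SPF TXT, or runaway include loop
        for term in record.split()[1:]:
            body = term.lstrip("+-~?").lower()
            kind = re.split(r"[:/=]", body, maxsplit=1)[0]
            if kind not in LOOKUP_TERMS:
                continue  # ip4, ip6 and all cost no DNS lookups
            lookups += 1
            if kind in ("include", "redirect"):
                parts = re.split(r"[:=]", body, maxsplit=1)
                if len(parts) < 2:
                    continue  # malformed term with no target
                if parts[1] in seen:
                    repeated.add(parts[1])
                seen.add(parts[1])
                walk(parts[1], depth + 1)  # a repeated include is paid for again

    walk(domain, 0)
    status = ("red" if lookups > LOOKUP_LIMIT
              else "amber" if lookups >= AMBER_AT else "green")
    return {"lookups": lookups, "duplicates": sorted(repeated), "status": status}
```

For the constructed example.org record, the repeated include of _spf.mail.example and the shared nested include bring the total to 8 lookups, which removing the duplicate would reduce.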

Infrastructure Findings

Infrastructure findings surface patterns (extensive shared hosting, higher-risk providers, consolidation of services) that may warrant broader platform adjustments beyond record edits.

Visually Similar Domain Scanning

The visually similar domain scan enumerates domains that are visually or typographically similar to your original domain. This helps identify potential phishing, brand impersonation, or typo-squatting risks that could impact your organization or users.

Why it matters: Attackers often register lookalike domains to trick users, intercept email, or impersonate brands. Early detection enables proactive defense and takedown.

Badges

  • The original domain is always shown at the top of the results, clearly marked with an original badge.
  • Each similar domain is checked for key risk indicators:
    • Email — Whether the domain is configured to handle email (has functional MX records).
    • Newly Registered (<30d) — Domains registered in the last 30 days are flagged as high risk.
    • Recently Registered (<90d) — Domains registered in the last 90 days are flagged as medium risk.
    • new — Domains not seen in your previous scans are highlighted for attention.
    • Suspicious — Domains generated by a homoglyph finding (visually deceptive character swaps) are flagged as suspicious.
    • Subdomain — Indicates a subdomain of a likely unrelated domain. These are often false positives due to domain registrars using wildcard DNS to redirect traffic to their own site.
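The badge rules above applied to a list of already-observed lookalike domains, as an added example (not Certra's code). The confusables table, sample domains, dates and previous-scan set are constructed; showing only the stronger of the two registration badges is an assumption; the Subdomain badge is omitted because it needs public-suffix data.

```python
from datetime import date

# Small constructed table: lookalike code point -> ASCII letter it imitates.
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o",
               "\u0440": "p", "\u0441": "c", "\u0131": "i"}


def skeleton(domain):
    """Fold known lookalike characters so visually equal names compare equal."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in domain.lower())


def badges(original, candidate, registered, has_mx, previous_scan, today):
    """Return the badge list for one observed domain."""
    if candidate == original:
        return ["original"]
    found = []
    if has_mx:
        found.append("Email")
    age_days = (today - registered).days
    if age_days < 30:
        found.append("Newly Registered (<30d)")
    elif age_days < 90:  # assumption: only the stronger age badge is shown
        found.append("Recently Registered (<90d)")
    if candidate not in previous_scan:
        found.append("new")
    if skeleton(candidate) == skeleton(original):
        found.append("Suspicious")  # differs only by homoglyph swaps
    return found


# Constructed scan input: (domain, registration date, has functional MX).
TODAY = date(2024, 6, 1)
PREVIOUS = {"exampel.org"}
SAMPLE = [
    ("example.org", date(2001, 1, 1), True),
    ("ex\u0430mple.org", date(2024, 5, 20), True),   # Cyrillic U+0430 for "a"
    ("exampel.org", date(2024, 3, 20), False),       # plain typo, seen before
]


def scan(original="example.org"):
    return {name: badges(original, name, reg, mx, PREVIOUS, TODAY)
            for name, reg, mx in SAMPLE}
```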

For advanced monitoring or takedown support, contact us: help@certra.co.za

Glossary

Term | Definition
SPF | Sender Policy Framework: Enumerates authorized outbound sources for the domain.
DKIM | DomainKeys Identified Mail: Cryptographic signing enabling integrity verification.
DMARC | Domain-based Message Authentication, Reporting, and Conformance: Alignment and policy layer ensuring SPF/DKIM match the visible From domain and enabling reporting.
PTR | DNS PoinTeR records: Reverse DNS mapping an IP to a hostname. Clear reverse DNS supports trust and filtering decisions and could impact email delivery reliability.
SPF Lookup Limit | SPF has a hard limit of 10 DNS lookups for mechanisms that require expansion; exceeding this invalidates evaluation.
Suspicious Homoglyph | Characters that look alike but are different Unicode code points, used to create deceptive domains. Domains with this finding are flagged as suspicious.
MX Record | Mail Exchange record: DNS entry specifying mail servers for a domain.
Phishing | Fraudulent attempt to obtain sensitive information by posing as a trustworthy entity via email or websites.
Typo-squatting | Registering misspelled versions of popular domains to capture traffic or deceive users.

Interested in continuous monitoring or progressing enforcement? Contact us: help@certra.co.za