Public Email & DNS Testbed

FAQ

This website allows you to test how well your mail server supports common email security and delivery features when sending mails. You can read more about the individual measurements we run here or in our published paper "Not that Simple: Email Delivery in the 21st Century".

We are Florian Holzbauer, Johanna Ullrich, Martina Lindorfer, and Tobias Fiebig, the authors of "Not that Simple: Email Delivery in the 21st Century". We run this self-hosted service to make the measurement infrastructure we used in our paper more accessible to users and operators out there.

We are sorry that you received an unsolicited email. This can happen if somebody enters your email address on our site.

If you just received an email from us no measurements have taken place yet. You can either just ignore the email, or use the opt-out link in there to permanently opt out from receiving mails from us. We will then store a hash of your mail-address to ensure we will never send to that address again.

If you accidentally sent a reply-all to our mail, you can use the 'Delete Result' button in the report form to delete your data. If you want us to not send mails to one/multiple domain(s) and/or host(s)/network(s), please send an email to abuse@email-security-scans.org, and we will get to it as soon as possible!

If an email cannot be delivered, the email server will try to redeliver emails for a certain period of time (24h - a few days). This is the default behavior by most email servers. For some measurement targets non-delivery is the optimal case, e.g. if the your email provider/server validates DNSSEC and can not send emails to a domain with broken DNSSEC. You can ignore these notification emails.

Email is not a real-time protocol. Sometimes mails may be delayed, and in case of our greylisting measurements it is even expected. Hence, the link to your report may be returned before your server delivered all emails to us. Reload the report URL later to to check if some mails were delayed. We keep it up-to-date.

Some providers perform pre-filtering of To: addresses. Exclude that destination address from the list and retry sending; If another address causes issues, remove that one as well.

From the measurements, we are storing per-email provider aggregated statistics on the measured outbound mailserver configuration. This includes use of email security technologies, IPv4 and IPv6 support, and whether the provider validates DNSSEC. Additionally, you can ask us to store the emails you sent us for up to two weeks, so you can download them later.
We store this data for the purpose of ongoing scientific research into the adoption of email security measures. If you are your own provider, this information might personally identify you, and we ask you to consider this before participating. If you did participate in the study and would like to have your data deleted, please iuse the delete button on the report to delete your data.
If you opt-out from this service, we store a hash of your email address indefinately, to block-list your address.
For all further data we (temporarily) process and store, please refer to our Privacy Policy.

Please report any error at reporting@email-security-scans.org.
If you experienced an issue where our service broke something for you, please email abuse@email-security-scans.org, so we can investigate and stop whatever caused it.