Certificate Authority Authorization
No CAA records were returned at this registrable domain name. With no CAA policy, any public certificate authority (CA) may issue TLS certificates for names under this zone unless a parent publishes CAA; add issue / issuewild / iodef records to restrict issuance.
DMARC
Organizational policy (p): how receivers treat mail that fails aligned DMARC checks — none (monitor only), quarantine (often junk), or reject (block).
Subdomain policy (sp): when set, it applies to hostnames below this domain instead of p; if omitted, subdomains inherit the organizational policy.
pct: share of mail that gets quarantine/reject; 100 = all failing messages (default).
100Aggregate DMARC reports (ZIP/XML). Optional but recommended for visibility.
Forensic (per-failure) reports. Often omitted for privacy or volume.
zcsend.in. 600 IN DMARC v=DMARC1; p=reject; sp=quarantine; rua=mailto:[email protected]
DKIM
No DKIM TXT with `v=DKIM1` was returned for the selector names we probe automatically.
SPF (Sender Policy Framework)
No SPF TXT record was returned (`v=spf1` / `spf2.0/`). SPF tells receivers which hosts may send mail for this domain; without it, aligned DMARC and spoofing defenses are weaker.
MTA-STS
This hostname does not publish an MTA-STS policy (no v=STSv1 TXT at _mta-sts.<name> and/or no policy at https://mta-sts.<name>/.well-known/mta-sts.txt).