scan_domain
Run a comprehensive DNS and email security audit for any domain. Get overall security score, NIST-aligned grade, and prioritized findings.
Instructions
Run a full DNS and email security audit for a single domain. Aggregates every scan-included check in parallel (SPF, DKIM, DMARC, DNSSEC, TLS/SSL, MTA-STS, CAA, BIMI, subdomain takeover, and more) and returns an overall security score, NIST-aligned letter grade (6-band A+/A/B/C/D/F), maturity stage, and prioritized findings. Use for a comprehensive single-domain audit, to get a domain's overall security grade, or to assess email security maturity.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| domain | Yes | Domain to check (e.g., example.com) | |
| format | No | Output verbosity. Auto-detected if omitted. | |
| profile | No | Scoring profile. Default "auto" detects. | |
| force_refresh | No | Bypass cache and run a fresh scan. Useful after DNS changes. |