Frequently Asked Questions

Email Armory is a free collection of 17 DNS, email, and security tools. You can look up DNS records, verify email addresses, check DMARC/SPF/DKIM configurations, inspect SSL certificates, scan ports, and more — all without signing up or paying anything.

Yes, completely free. All 17 tools are available with no signup, no paywall, and no feature gating. We sustain the service through non-intrusive advertising.

No. Every tool works instantly — just enter a domain, email address, or IP and get results. There are no accounts, no login walls, and no premium tiers required for basic functionality.

Email Armory is built with modern technology (Next.js, TypeScript, Tailwind CSS) and designed for speed and usability. We offer a clean, mobile-first interface without intrusive ads or cluttered layouts. All lookups use native Node.js APIs with zero external API dependencies, which means faster results and no third-party rate limits.

Email Armory currently offers 17 free tools across three categories: Email Tools (email verification, header analysis), DNS Tools (DNS lookup, MX lookup, NS lookup, TXT lookup, reverse DNS, WHOIS), and Security Tools (DMARC checker, SPF checker, DKIM checker, SSL checker, blacklist checker, HTTP headers, redirect checker, port scanner, domain health check).

When you enter a domain or email address, our server performs the lookup in real-time using native Node.js APIs. For DNS queries, we use the built-in dns module. For SSL checks, we establish TLS connections directly. For SMTP checks, we connect to mail servers over port 25. Results are returned instantly — nothing is cached or pre-computed.

Yes. Our tools query authoritative sources directly — DNS resolvers, mail servers, WHOIS databases, and SSL endpoints. Results reflect the current state of the target domain at the time of the lookup. Keep in mind that DNS changes can take up to 48 hours to propagate globally.

Not yet, but an API is on our roadmap. If you need programmatic access to our tools, stay tuned — we plan to offer API access in the future.

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that tells receiving mail servers what to do when emails fail SPF or DKIM checks. It protects your domain from spoofing and phishing. As of 2024, Google and Yahoo require DMARC for bulk email senders.

SPF (Sender Policy Framework) is a DNS TXT record that specifies which IP addresses and servers are authorized to send email on behalf of your domain. When a receiving server gets an email, it checks the SPF record to verify the sending server is authorized. If the check fails, the email may be rejected or marked as spam.

DKIM (DomainKeys Identified Mail) adds a cryptographic signature to outgoing emails. The receiving server uses a public key published in your DNS records to verify the signature, confirming the email wasn't modified in transit and was sent by an authorized server.

Since February 2024, Google and Yahoo require all bulk senders (5,000+ emails/day) to have valid SPF, DKIM, and DMARC records. They also require one-click unsubscribe headers, a spam complaint rate below 0.3%, and proper reverse DNS (PTR) records for sending IPs. Non-compliance results in emails being rejected or sent to spam.

No. We don't log your queries, store your results, or track your usage patterns. Each lookup is performed in real-time and the results are sent directly to your browser. We don't maintain any database of past lookups.

Absolutely. Our tools only perform read-only operations — DNS queries, TLS handshakes, and SMTP banner reads. We never modify any records, send test emails to your users, or perform any write operations against your infrastructure.

We apply reasonable rate limits to prevent abuse and ensure the service stays fast for everyone. Normal usage — running a few lookups per minute — will never hit any limits. If you need high-volume access, an API with dedicated rate limits is planned for the future.

No. Your lookups are private. We don't publish, share, or expose any query data. There is no public search history, no "recently checked" feed, and no way for other users to see your activity.

Email Armory is built with Next.js, React, TypeScript, and Tailwind CSS. It's hosted on Vercel with automatic deployments. All tools run on the server side using native Node.js APIs.

By using native Node.js APIs for all lookups (dns module for DNS, tls module for SSL, net module for SMTP/ports, https for HTTP headers), we eliminate external API costs, avoid third-party rate limits, and remove single points of failure. This means faster, more reliable results and no dependency on services that could change their pricing or availability.

DNS queries are performed server-side using Node.js's built-in dns.promises module, which queries the system's configured DNS resolver (typically Cloudflare 1.1.1.1 or Google 8.8.8.8 on our Vercel deployment). This gives us access to all DNS record types including A, AAAA, MX, TXT, NS, SOA, CNAME, and PTR records.