Yesterday I published an analysis claiming that 26 of 39 AI companies use SPF softfail, implying their email could be spoofed. A reader (@privacyfish) pointed out that this is misleading:

> SPF `~all` by itself does not always mean "the domain can be spoofed into inboxes" if the domain has DMARC enforcement and DKIM alignment working.
They're right. SPF is only one layer. The actual spoofability of a domain depends on how SPF, DMARC, and DKIM work together — and DMARC only needs one of SPF or DKIM to align for the message to pass. So I re-ran the analysis with a combined scoring model.
How email authentication actually works
| Layer | What it does | On its own |
|---|---|---|
| SPF | Lists the IPs authorized to send mail for the domain (checked against the envelope MAIL FROM domain) | Softfail (`~all`) = "flag but deliver"; hardfail (`-all`) = the receiver may reject, but many only score it |
| DMARC | Tells receivers what to do when neither SPF nor DKIM aligns with the visible From domain | `p=reject` = hard enforcement; `p=quarantine` = spam folder; `p=none` = monitor only |
| DKIM | Cryptographic signature over selected headers and the body, keyed to the `d=` domain in the signature | Verifies message integrity and that the `d=` domain vouched for it; says nothing about the visible From unless aligned |
The critical point I missed: DMARC passes if either SPF or DKIM aligns with the From domain. "Aligns" means the domain that passed (the MAIL FROM domain for SPF, the `d=` domain for DKIM) matches the RFC5322.From domain, exactly in strict mode or within the same organizational domain in relaxed mode, which is the default. Two details matter here. First, only an SPF *pass* counts toward DMARC; a softfail is not a pass, so a spoofer sending from an IP outside the record gets no help from `~all`. Second, a domain with SPF softfail + DMARC reject + aligned DKIM is well protected: legitimate mail passes DMARC via DKIM even if SPF softfails, while a spoofed message fails both (the attacker has neither an authorized IP nor the signing key), and `p=reject` tells the receiver to drop it.

Checking SPF alone, which is what my original analysis did, misses the full picture.
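To make the "either SPF or DKIM aligns" rule concrete, here is an added worked example of a receiver's DMARC evaluation, following the logic of RFC 7489. It is not code from the original post or from any mail server; the authentication results and the domains (`example.com`, `bounce.esp-provider.net`) are constructed inputs so it runs offline, and the organizational-domain helper is a simplification that ignores the Public Suffix List.

```python
"""Added example: how a receiver combines SPF, DKIM and DMARC (RFC 7489 rules).

Not code from the original post. Record lookups are replaced by constructed
inputs so the example runs offline.
"""
from dataclasses import dataclass, field


def org_domain(domain: str) -> str:
    """Organizational domain, approximated as the last two labels.

    A real receiver consults the Public Suffix List ('example.co.uk' would
    break this approximation). Good enough for the .com inputs below.
    """
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    """DMARC identifier alignment: 's' = exact match, 'r' = same organizational domain."""
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)


@dataclass
class AuthResults:
    from_domain: str                      # RFC5322.From domain (what the user sees)
    spf_result: str                       # pass / fail / softfail / neutral / none
    spf_domain: str                       # MAIL FROM domain that SPF was evaluated for
    dkim: list = field(default_factory=list)  # [(result, d= domain), ...] per signature


@dataclass
class DmarcPolicy:
    p: str                                # none / quarantine / reject
    adkim: str = "r"                      # DKIM alignment mode (relaxed by default)
    aspf: str = "r"                       # SPF alignment mode (relaxed by default)


def dmarc_evaluate(auth: AuthResults, policy: DmarcPolicy) -> tuple:
    """Return (dmarc_result, disposition).

    Only an SPF *pass* contributes; softfail, neutral and fail do not.
    DMARC passes if the SPF pass aligns OR any passing DKIM signature aligns.
    On failure the disposition is whatever p= asks for.
    """
    spf_ok = auth.spf_result == "pass" and aligned(auth.spf_domain, auth.from_domain, policy.aspf)
    dkim_ok = any(r == "pass" and aligned(d, auth.from_domain, policy.adkim) for r, d in auth.dkim)
    if spf_ok or dkim_ok:
        return "pass", "deliver"
    return "fail", {"none": "deliver", "quarantine": "quarantine", "reject": "reject"}[policy.p]


# Constructed scenarios (assumptions, not measured data).
# 1. A spoofer sends from an IP outside example.com's "~all" record and has no
#    signing key: SPF softfails, there is no DKIM signature at all.
SPOOF = AuthResults("example.com", "softfail", "example.com", dkim=[])
# 2. Legitimate mail relayed by a third-party sender: SPF passes, but for the
#    provider's own bounce domain (not aligned); the DKIM signature is d=example.com.
LEGIT_VIA_ESP = AuthResults("example.com", "pass", "bounce.esp-provider.net",
                            dkim=[("pass", "example.com")])

if __name__ == "__main__":
    for label, auth in [("spoof", SPOOF), ("legit via ESP", LEGIT_VIA_ESP)]:
        for p in ("none", "quarantine", "reject"):
            print(f"{label:14s} p={p:10s} -> {dmarc_evaluate(auth, DmarcPolicy(p))}")
```

The spoofed message fails DMARC under every policy; what differs is only whether `p=` tells the receiver to do anything about it. The legitimate relayed message passes under every policy because the aligned DKIM signature carries it, which is exactly why a `~all` SPF record plus `p=reject` is not a gap.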
Corrected results: 32 protected, 3 partial, 4 with gaps
Out of 39 AI/tech companies rescanned with all three layers:
Well-protected (32 companies)
These have DMARC enforcement (reject or quarantine) plus at least one aligned authentication mechanism:
| Company | SPF | DMARC | DKIM selector found |
|---|---|---|---|
| Anthropic | softfail | reject | — |
| OpenAI | hardfail | reject | — |
| Apple | softfail | quarantine | selector1 |
| Microsoft | hardfail | reject | selector2 |
| Cloudflare | hardfail | reject | k1 |
| Stripe | softfail | reject | — |
| DeepSeek | hardfail | quarantine | default |
| Nvidia | softfail | reject | yes |
| xAI | hardfail | quarantine | — |

A dash means no DKIM key was found on the selectors the scanner probes, not that the domain does not sign (see the selector caveat under "Partially visible" below).
(+ 23 others including Cohere, Mistral, Midjourney, Perplexity, Databricks, Snowflake, Cursor, Vercel, Replit)
Anthropic — the company I highlighted yesterday as vulnerable — is actually textbook correct. Softfail SPF + reject DMARC + DKIM alignment = spoofed emails get rejected.
Nvidia deserves a mention: they use Valimail (a commercial DMARC service) with `p=reject`, full enforcement. My earlier scan incorrectly showed them as having no DMARC. They're well-protected.

xAI uses SPF hardfail (`-all`) plus DMARC `p=quarantine` with Cloudflare DMARC reporting, also well-protected.
Partially visible (3 companies)
| Company | SPF | DMARC | DKIM found? | Note |
|---|---|---|---|---|
| Google | softfail | reject | not on standard selectors | Almost certainly signs with selectors outside the scanner's list |
| Meta | redirect | reject | not on standard selectors | Uses Proofpoint; custom selectors likely |
| Notion | softfail | quarantine | not on standard selectors | DMARC enforcement active; legitimate mail from Notion's listed IPs still aligns via an SPF pass |

Important caveat: DKIM selectors are arbitrary strings chosen by the domain owner, and nothing in DNS enumerates them. My scanner checks 9 common selectors (`google`, `selector1`, `selector2`, `default`, `k1`, `s1`, `s2`, `dkim`, `mail`), so "not found" only means "not found on those nine". Google and Meta almost certainly sign with DKIM using selectors I didn't check. These companies have strong DMARC enforcement and are not practically at risk.
Authentication gaps (4 companies)
These have no DMARC enforcement — their DNS policies don't instruct receivers to reject authentication failures:
| Company | SPF | DMARC | DKIM | Gap |
|---|---|---|---|---|
| Stability AI | softfail | `p=none` | yes | Has DKIM but DMARC won't enforce on failure |
| Hugging Face | softfail | `p=none` | yes | Same: DKIM present but DMARC is monitoring-only |
| Inflection AI | softfail | `p=none` | yes | DMARC exists but is monitoring-only |
| Qdrant | softfail | `p=none` | no | No enforcement on any layer |
`p=none` means the domain owner is collecting DMARC failure reports but not asking receivers to act on failures. It's a standard first step when deploying DMARC (you monitor before enforcing), but some companies stay in monitoring mode indefinitely.
This doesn't mean these companies' email is actively being spoofed. It means their DNS configuration doesn't instruct receiving mail servers to reject spoofed messages. Whether spoofing succeeds in practice depends on the receiving server's own policies (Gmail, Outlook, etc. often reject unauthenticated mail regardless of the sender's DMARC policy).
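The three buckets above come down to a few DNS reads per domain. As an added example (not the post's checker, and not any vendor's tool), here is a classifier that parses the SPF `all` qualifier, the DMARC `p=` tag and a probe of the nine selectors, then sorts a domain into well-protected, enforced-but-DKIM-not-visible, or gap. DNS is replaced by a constructed dictionary of records for hypothetical `.example` domains so it runs offline; the records, the domains and the `lookup_txt` stand-in are assumptions, and a live scan would swap in a real resolver.

```python
"""Added example: classify a domain from its SPF, DMARC and DKIM records.

Not the post's own checker. DNS answers are a constructed dict (assumption,
not measured data) so the example runs offline.
"""
import re

# The nine selectors the post's scanner probes.
COMMON_SELECTORS = ["google", "selector1", "selector2", "default",
                    "k1", "s1", "s2", "dkim", "mail"]

# Constructed TXT records for hypothetical domains (assumption, not real data).
FAKE_DNS = {
    "a.example": ["v=spf1 include:_spf.example.net ~all"],
    "_dmarc.a.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@a.example"],
    "selector1._domainkey.a.example": ["v=DKIM1; k=rsa; p=MIIBIjANBg..."],
    "b.example": ["v=spf1 include:_spf.example.net ~all"],
    "_dmarc.b.example": ["v=DMARC1; p=quarantine"],
    # b.example signs with a selector that is not in the probe list
    "x20240101._domainkey.b.example": ["v=DKIM1; k=rsa; p=MIIBIjANBg..."],
    "c.example": ["v=spf1 ip4:192.0.2.0/24 ~all"],
    "_dmarc.c.example": ["v=DMARC1; p=none; rua=mailto:dmarc@c.example"],
    "d.example": ["v=spf1 -all"],          # hardfail SPF, but no _dmarc record at all
}


def lookup_txt(name: str) -> list:
    """Stand-in for a TXT query. Replace with a real resolver for live scans."""
    return FAKE_DNS.get(name.lower(), [])


def spf_policy(domain: str):
    """Qualifier on the terminal 'all' mechanism, or None when no SPF record exists."""
    for txt in lookup_txt(domain):
        if not txt.lower().startswith("v=spf1"):
            continue
        m = re.search(r"(?:^|\s)([-~?+]?)all(?:\s|$)", txt, re.IGNORECASE)
        if m:
            return {"-": "hardfail", "~": "softfail", "?": "neutral",
                    "+": "pass", "": "pass"}[m.group(1)]
        if re.search(r"\bredirect=", txt, re.IGNORECASE):
            return "redirect"   # the policy lives in another domain's record
        return "neutral"        # RFC 7208: nothing matched and no 'all' -> neutral
    return None


def dmarc_policy(domain: str):
    """The p= tag of the _dmarc TXT record, or None when there is no DMARC record."""
    for txt in lookup_txt("_dmarc." + domain):
        if txt.lower().startswith("v=dmarc1"):
            tags = {}
            for part in txt.split(";"):
                if "=" in part:
                    k, v = part.split("=", 1)
                    tags[k.strip().lower()] = v.strip().lower()
            return tags.get("p", "none")  # p= is required; treat a missing one as none
    return None


def dkim_selectors(domain: str, selectors=COMMON_SELECTORS) -> list:
    """Selectors from the probe list that publish a DKIM key for this domain.

    The v=DKIM1 tag is optional per RFC 6376; a live scanner should also
    accept records that carry only p=.
    """
    return [s for s in selectors
            if any(t.lower().startswith("v=dkim1")
                   for t in lookup_txt(f"{s}._domainkey.{domain}"))]


def classify(domain: str) -> dict:
    """Bucket a domain the way the post does: enforcement decides, DKIM visibility refines."""
    spf, dmarc, sels = spf_policy(domain), dmarc_policy(domain), dkim_selectors(domain)
    if dmarc in ("reject", "quarantine"):
        bucket = "well-protected" if sels else "enforced, DKIM not visible"
    else:
        bucket = "gap"  # p=none or no DMARC: receivers are not told to reject failures
    return {"spf": spf, "dmarc": dmarc, "dkim_selectors": sels, "bucket": bucket}


if __name__ == "__main__":
    for d in ("a.example", "b.example", "c.example", "d.example"):
        print(d, classify(d))
```

Note what decides the bucket: `d.example` has the strictest SPF record of the four and still lands in "gap", because without a DMARC policy nothing ties SPF to the visible From domain, while `b.example` with `~all` is enforced. The DKIM probe only tells you whether you could *see* the signing key on common selectors; it is a visibility check, not a security check, which is why the middle bucket exists.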
What changed from yesterday?
| Metric | SPF-only analysis | Combined analysis |
|---|---|---|
| Companies with gaps | 26 (67%) | 4 (10%) |
| False alarms | — | 22 companies mislabeled as risky |
| Layers checked | SPF only | SPF + DMARC + DKIM |
The original analysis was technically accurate — 26 companies do use SPF softfail — but practically misleading, because most are protected by DMARC enforcement.
Check any domain yourself
I built an interactive checker that shows a combined spoofability risk score weighing all three layers. Enter any domain and get SPF policy + DMARC enforcement + DKIM presence + an overall assessment.
Data pulled live from public DNS records via DomainIntel. All claims independently verifiable with `dig`.
Original correction prompted by @privacyfish's comment. Updated May 21 2026: Nvidia and xAI reclassified as well-protected after re-verification against live DNS (my scanning tool had returned stale data for those domains). Data collected May 21, 2026.