Checks DNS via Cloudflare DoH and Kickbox API. No email is sent. No data stored.
What this tool does
Free email spam score checker -- analyse SPF, DMARC, spam trigger words, link density, and HTML ratio to test email deliverability
How this spam score tester works, what each check detects, and why each signal determines whether your email reaches the inbox or the spam folder
This free email spam score tester performs ten diagnostic checks across the DNS authentication layer, content analysis layer, and technical structure layer of any email to estimate its inbox placement probability. The DNS checks run directly from your browser using Cloudflare DNS over HTTPS (cloudflare-dns.com/dns-query) with automatic Google DoH fallback, querying live DNS records for SPF policy, DMARC enforcement, and sender domain MX configuration. The disposable domain check queries the Kickbox open API (open.kickbox.com) which maintains a continuously updated database of tens of thousands of known throwaway and temporary email providers. The content analysis checks run entirely client-side using a curated database of 60+ subject-line spam trigger words and 80+ body spam phrases compiled from SpamAssassin rule sets, Gmail content policy guidelines, and Barracuda spam pattern databases. All ten checks run concurrently where possible and produce results in under 15 seconds, with a scored 0-95 deliverability estimate and a four-tier inbox verdict: Likely Inbox, Probably Inbox, At Risk, or Likely Spam.
The scoring model is weighted to reflect the relative importance of each signal in the spam filter decision trees used by major inbox providers. DNS authentication checks account for 40 of the 95 available points (SPF: 15, DMARC: 15, MX: 10) because authentication failures are among the most common causes of bulk rejection -- Gmail, Yahoo, and Outlook all now require SPF and DMARC for senders above 5,000 messages per day, and authentication signals are applied before content analysis in most spam filter pipelines. Content analysis checks (subject spam words, body spam phrases, subject caps) account for 25 points because content triggers are the leading cause of spam classification for authenticated senders. The technical checks (link density, HTML ratio, subject length) account for 15 points as secondary signals that compound with content flags. The disposable domain check can remove up to 10 points because sending from a known throwaway domain is treated as an automatic rejection signal by most ESPs. Every check that scores below its maximum includes a specific remediation instruction -- an exact DNS record to add, a phrase to remove, or a content change to make -- so each run produces actionable output, not just a score.
Understanding how to use this tool effectively requires knowing what it can and cannot assess. This checker covers the DNS layer, content layer, and basic technical structure -- the signals that account for the majority of spam classification decisions for new or misconfigured senders. It cannot assess IP reputation (whether your sending IP is on real-time blacklists -- check MXToolbox for that), DKIM signature validity (which requires knowing your selector and signing infrastructure), sender reputation history (accumulated over months of sending), or engagement-based filtering (Gmail and Outlook weight historical open and click rates heavily). For a complete deliverability audit, combine this tool with an IP blacklist checker, run DKIM validation through your mail provider's dashboard, and send a test email to a dedicated seed address at mail-tester.com or GlockApps to get a full filter-level report. This spam score tester is the fastest first-pass diagnostic to identify and fix the most impactful deliverability issues before any sending begins.
Checks and scoring details
SPF Authentication
Checks the v=spf1 TXT record and scores by policy strictness: -all or ~all = full points, +all or ?all = partial, missing = 0 (15 pts max).
DMARC Policy
Reads _dmarc.domain for enforcement level: p=reject = 15pts, p=quarantine = 13pts, p=none = 5pts, missing = 0pts (15 pts max).
Sender MX Records
Verifies the sender domain has MX records configured -- unusual absence is a spam signal for major filters (10 pts max).
Disposable Domain
Queries Kickbox open API to detect known throwaway and temporary email provider domains (10 pts max).
Subject Spam Words
Scans the subject against 60+ known spam trigger words and phrases from SpamAssassin and Gmail content rules (10 pts max).
Subject Caps/Punctuation
Detects ALL CAPS words, excessive capitalisation ratio, and repeated punctuation marks like !!! in the subject line (5 pts max).
Body Spam Phrases
Scans email body content against 80+ spam phrases associated with phishing, scams, and bulk promotional abuse (10 pts max).
Link Density
Counts URLs and calculates the ratio to total word count -- high link density is a key spam filter trigger (10 pts max).
HTML/Text Ratio
Measures the proportion of HTML markup to visible text content -- spam filters penalise markup-heavy, content-thin emails (5 pts max).
Subject Line Length
Validates subject line character count against the recommended 20-60 character range for deliverability (5 pts max).
Four-Tier Verdict
Scores translate to: Likely Inbox (80-95), Probably Inbox (62-79), At Risk (38-61), Likely Spam (below 38).
Fix Instructions
Every check that fails or warns includes a specific actionable fix instruction explaining exactly what to change.
Examples
Email spam score examples -- from clean transactional email to full spam profiles and disposable sender domains
Five real-world email configurations with their spam analysis results, scores, and what each outcome means for inbox placement
PassClean transactional email -- full authentication, no spam content
From: noreply@yourapp.com
Subject: Your order #12345 has shipped
SPF: pass v=spf1 include:sendgrid.net -all
DMARC: pass p=reject
Body: Hi [Name], your order shipped today. Track it here: [1 link]
Links: 1
HTML: 28% (clean template)
Score: 91/95 -- Likely Inbox
A well-authenticated transactional email with a clear, short subject line, no spam trigger words, a single relevant link, and lean HTML scores 91/95. This configuration is what every transactional email should aim for -- strict SPF and DMARC enforcement combined with clean, minimal content.
GoodMarketing newsletter -- good DNS, mild content flags
From: hello@brand.com
Subject: Our biggest sale of the year is here
SPF: pass v=spf1 include:mailchimp.com ~all
DMARC: pass p=quarantine
Body: Shop now, limited time, exclusive deals... [4 links]
Links: 4
Spam phrases: "limited time", "exclusive"
Score: 76/95 -- Probably Inbox
A marketing newsletter from a well-configured domain loses points for two mild spam phrases ('limited time', 'exclusive') and four links. DNS authentication is strong. The score of 76 places it in Probably Inbox -- removing the flagged phrases would push it into Likely Inbox territory.
WarningMissing DMARC + spam subject -- at-risk configuration
From: info@company.com
Subject: FREE OFFER - Act Now! Limited Time!!
SPF: pass present
DMARC: fail No record at _dmarc.company.com
Subject flags: "free", "act now", "limited time", ALL CAPS, !!
Body: Clean
Links: 2
Score: 48/95 -- At Risk
A domain with SPF but no DMARC combined with an aggressive spam subject line drops to 48/95 -- At Risk. The subject alone triggers three spam word checks and an ALL CAPS flag. Even with clean body content, the subject and missing DMARC are enough to trigger most spam filters.
FailFull spam profile -- missing auth, spam content, high link density
From: winner@free-prize.net
Subject: YOU WON!!! CLAIM YOUR CASH PRIZE NOW!!!
SPF: fail No SPF record
DMARC: fail No DMARC record
Body: Congratulations dear winner! Click here to claim your free money...
Body flags: "congratulations", "dear winner", "click here", "free money"
Links: 12 (8.4% density)
HTML: 74% markup
Score: 8/95 -- Likely Spam
This email fails every major check: no SPF, no DMARC, a heavily spammy subject with ALL CAPS and multiple exclamation marks, four body spam phrases, twelve links, and an HTML-heavy template. This profile scores 8/95 and would be rejected or silently discarded by virtually every major inbox provider.
WarningDisposable sender domain -- auto-flagged regardless of content
From: contact@mailinator.com
Subject: Hello from our team
SPF: pass present
DMARC: pass present
Body: Clean professional content
Links: 1
Disposable: FLAGGED by Kickbox API
Score: 42/95 -- At Risk
Even with clean content and valid DNS records, sending from a known disposable email domain like Mailinator results in an At Risk score. Major ESPs maintain blocklists of disposable providers and apply automatic penalties regardless of content quality. The fix is to send from a legitimate registered business domain.
FAQ
Frequently asked questions about email spam scores, spam trigger words, SPF, DMARC, and inbox placement
Common questions about how spam filters score emails, what causes spam classification, and how to fix a failing spam score
What does this email spam score checker actually test?
This spam score checker runs ten distinct checks across three layers of email deliverability. The DNS layer checks include SPF record detection and policy scoring, DMARC record enforcement level, sender domain MX record presence, and disposable domain detection via the Kickbox open API. The content layer checks include subject line spam trigger word analysis against a curated list of 60+ known spam phrases, subject line ALL CAPS ratio and excessive punctuation detection, email body spam phrase detection against a 80+ phrase database, and URL link density scoring. The technical layer checks include HTML-to-text ratio analysis and subject line length validation. Every check produces a pass, warn, or fail result with a point score, and failing checks include a specific fix instruction. The total score is presented as a 0-95 deliverability estimate with a four-tier inbox placement verdict.
What are the most common spam trigger words to avoid in subject lines?
The highest-risk subject line spam trigger words include: free, win, winner, won, cash, money, earn, income, profit, guarantee, guaranteed, risk-free, limited time, act now, urgent, click here, buy now, order now, special offer, exclusive deal, 100%, amazing, incredible, congratulations, and you have been selected. Beyond individual words, patterns matter more than single terms -- a subject containing two or three of these terms together scores much higher on spam filters than any single term alone. SpamAssassin, Barracuda, and Google Gmail all use phrase-level scoring where combinations of moderate-risk words trigger rejection even if each word is individually acceptable. The safest approach is to write subject lines as you would write a professional email to a colleague rather than an advertising headline.
How is the spam score calculated and what do the score ranges mean?
The spam score is calculated from ten weighted checks, each contributing a point value: SPF authentication (0-15 points), DMARC policy (0-15 points), sender MX records (0-10 points), disposable domain check (0-10 points), subject spam words (0-10 points), subject caps and punctuation (0-5 points), body spam phrases (0-10 points), link density (0-10 points), HTML/text ratio (0-5 points), and subject line length (0-5 points). The maximum total is 95 points. The four-tier verdict is: Likely Inbox at 80-95 points (85%+), Probably Inbox at 62-79 points (65-84%), At Risk at 38-61 points (40-64%), and Likely Spam below 38 points. This scoring is modelled on the signal weighting used by major spam filters including SpamAssassin, Gmail's spam detection, and Microsoft Exchange Online Protection.
Why does my email still go to spam if my DNS is configured correctly?
DNS authentication (SPF, DMARC, DKIM) is a necessary but not sufficient condition for inbox placement. DNS checks pass or fail as binary signals, but spam filters use hundreds of additional signals that cannot be checked without actually sending the email. The most common reasons for spam classification despite clean DNS include: IP reputation (your sending IP is on a real-time blacklist -- check MXToolbox Blacklist Checker), sender reputation (low historical open rates or high complaint rates from previous campaigns), content analysis (spam trigger words, link density, HTML structure), engagement history (Gmail and Outlook weight past recipient engagement heavily in placement decisions), and sending volume and velocity (sudden large volume from a new IP triggers filtering regardless of DNS). A clean spam score from this tool means your DNS layer and content are well-configured -- IP reputation and engagement history are the next variables to address.
What is SPF and why does a missing SPF record increase my spam score?
SPF (Sender Policy Framework) is a DNS TXT record that publishes the list of IP addresses authorised to send email on behalf of your domain. When a receiving server gets an email claiming to be from your domain, it checks your SPF record to verify the sending IP is on the authorised list. A missing SPF record means the receiving server has no way to verify the sender's identity, which is treated as a significant negative signal -- particularly by Gmail, which uses SPF pass/fail as one of the top three authentication signals for spam scoring. The SPF record format is v=spf1 include:yourmailprovider.com -all, where -all means reject mail from any server not on the list. Use ~all (soft fail) if you are still validating all your sending sources before moving to strict enforcement.
What is DMARC and what policy should I use to improve inbox placement?
DMARC (Domain-based Message Authentication Reporting and Conformance) is a DNS TXT record published at _dmarc.yourdomain.com that tells receiving servers what to do with emails that fail SPF or DKIM authentication. The three policy levels are p=none (collect reports but take no action -- monitoring mode), p=quarantine (send failing messages to the spam folder), and p=reject (refuse failing messages outright). For the best inbox placement, start with p=none to collect authentication reports via the rua= reporting address, then review the reports to ensure all your legitimate sending sources pass SPF or DKIM, then upgrade to p=quarantine, and finally to p=reject. Major inbox providers including Gmail and Yahoo now require a DMARC record for bulk senders and give preference in spam scoring to domains with p=quarantine or p=reject.
How does link density affect spam score and how many links should an email have?
Link density refers to the ratio of URLs to total word count in an email. Spam filters flag emails with high link density because phishing emails, spam campaigns, and malware distribution emails characteristically contain many URLs. SpamAssassin's MANY_LINKED_URLS rule adds significant score points to emails with more than six hyperlinks. The recommended safe range is one to three links per email for transactional emails, and up to five links for marketing emails with clear unsubscribe links. Beyond count, the type and domain reputation of the links also matters -- links to free URL shorteners, newly registered domains, or known-bad domains add additional spam score points that this tool does not evaluate without resolving the URLs. Keep links to a minimum, use your own branded domain, and avoid link shorteners.
What is a good HTML-to-text ratio for email deliverability?
The HTML-to-text ratio measures what proportion of your email body consists of HTML markup tags versus visible text content. Spam filters prefer a high ratio of visible text to HTML structure because spam emails are often image-heavy or HTML-heavy with minimal readable text -- a technique used to hide spam content from text-based analysis. The ideal HTML-to-text ratio is generally below 40% HTML to 60% visible text, meaning your email should contain significantly more readable content than markup. Heavy HTML emails (above 60% markup) score poorly on SpamAssassin's MIME_HTML_MOSTLY rule. Plain text emails score best of all. If you use HTML email templates, ensure each section contains substantial text content and avoid using large background images or single-image emails with minimal text.
What is a disposable email domain and why does it affect spam score?
Disposable email domains are services that provide temporary, throwaway email addresses with no signup required -- examples include Mailinator, Guerrilla Mail, 10 Minute Mail, Temp-Mail, and thousands of others. Major email service providers maintain blocklists of these domains because they are disproportionately used for spam registration, abuse, and fake signups. Sending from a disposable domain is a strong negative signal because it suggests the sender is attempting to obscure their identity. This tool uses the Kickbox open API (open.kickbox.com) which maintains a continuously updated database of disposable email domains. If your sending domain is flagged, it means your domain is registered with a provider known to offer throwaway mailboxes, and you should migrate your sending to a legitimate business domain.
How do I fix a failing spam score and improve email deliverability fast?
Each failing check in this tool includes a specific fix instruction. For the fastest improvements: (1) Add SPF -- create a TXT record at your domain root containing v=spf1 include:yourmailprovider.com -all, substituting your actual mail provider's SPF include string which can be found in their documentation. (2) Add DMARC -- create a TXT record at _dmarc.yourdomain.com containing v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com and upgrade to p=quarantine after reviewing reports. (3) Rewrite your subject line removing any spam trigger words and ensuring it is 20-60 characters in sentence case. (4) Review your email body and remove or reword common spam phrases. (5) Reduce link count to three or fewer. DNS changes typically propagate within minutes for low-TTL records but can take up to 48 hours. Re-run this checker after each change to verify the fix.
Related Email Tools
Need a disposable email address?Stop giving your real email to sites you don't trust -- get a free instant throwaway address with no signup and no trace.
Get Free Temp Mail ->