Is Your Business Email Set Up Correctly?
Three hidden settings behind your email address determine whether your emails reach the inbox, whether scammers can fake emails using your name, and whether your business is protected. Check yours in under two minutes — for free.
Most Perth Business Owners Have No Idea These Settings Exist
Behind your business email address, there are three important settings that control how trustworthy your email looks to the rest of the world. They are not visible in your inbox, they do not affect your password, and most IT companies set them up without explaining what they are or why they matter.
When these settings are missing or wrong, two problems occur. First, your own legitimate emails — quotes, invoices, proposals — may be quietly landing in your clients’ junk folders without either of you realising. Second, criminals can send convincing fake emails that appear to come from your business address, potentially tricking your clients or suppliers into sending money to the wrong account.
Here is a plain-English explanation of what the three settings do — and how to check yours right now.
The Three Settings That Protect Your Email
Each card below explains one setting in plain English. The technical name is included at the bottom of each card in case your IT person or email provider asks what you need fixed.
Setting 1 — Who is allowed to send email from your address
There is a hidden setting behind your domain name that tells other email servers which companies are authorised to send email on your behalf. If this setting is missing or wrong, two things happen: your legitimate emails may be marked as spam, and scammers can send convincing fake emails using your business name and address.
Technical name: SPF record
Setting 2 — A digital seal that proves each email genuinely came from you
Every email your business sends can carry an invisible signature that proves it was not tampered with and that it genuinely came from your mail system. Without this, there is no way for the recipient’s email system to verify the email is real — making it easier for criminals to impersonate your business.
Technical name: DKIM record
Setting 3 — Instructions for what to do with suspicious emails sent in your name
This setting tells other email servers what to do if they receive an email claiming to be from your business but failing the checks above. You can set it to do nothing, send suspicious emails to junk, or block them entirely. Most businesses have this set to “do nothing” — or do not have it set at all.
Technical name: DMARC record
Run Your Check Now — Takes Under Two Minutes
The checks below open a free online tool in a new tab. Type your domain name into the box — that is the part of your email address after the @ symbol, for example yourbusiness.com.au — and press Enter. The result will tell you whether the setting is in place and whether it looks correct.
1
Check Setting 1
Visit the link below, type your domain name (e.g. yourbusiness.com.au) into the box and press Enter.
Check who can send as you →Opens MXToolbox SPF lookup in a new tab
2
Check Setting 2
Same process — enter your domain name and press Enter to see whether your digital seal is in place.
Check your email seal →Opens MXToolbox DKIM lookup in a new tab
3
Check Setting 3
This one shows whether fake emails sent in your name are being blocked, sent to junk, or getting through unchallenged.
Check fake email protection →Opens MXToolbox DMARC lookup in a new tab
The tool is free to use and run by a company called MXToolbox — a widely used independent email diagnostic service. DM1 has no affiliation with them. You just need your domain name (the part after the @ in your email address).
What Your Results Mean
The tool will show you a result for each check. Use the table below to understand what it means and whether action is needed. If you are not sure, take a screenshot and send it to DM1 — we will tell you exactly what needs fixing.
| What the result says | What it means in plain English | How urgent is it? | What to do |
|---|---|---|---|
| No record found (Setting 1) | There is nothing stopping criminals from sending emails that appear to come from your business address. Your own legitimate emails may also be going to junk without you knowing. | Fix immediately | Contact DM1 — this is a straightforward fix but needs to be done correctly |
| Record found but contains “+all” | The setting exists but is configured too loosely — it still allows anyone to send email as you. This is almost as bad as having nothing in place. | Fix immediately | Contact DM1 — the record needs to be tightened |
| Record found, looks correct (Setting 1) | The basic setting is in place. This is a good sign, but it only covers who can send — you still need the other two settings to be complete. | Good — check the others | Run the checks for Settings 2 and 3 |
| No seal found (Setting 2) | Your emails carry no proof that they genuinely came from you. Some recipient email systems will quietly move your emails to junk as a result. | Fix soon | Contact DM1 — requires a change on your mail server and your domain |
| No protection rule found (Setting 3) | Even if Settings 1 and 2 are in place, there are no instructions for what to do with fake emails — so they are likely getting through to your clients’ inboxes unchallenged. | Fix soon | Contact DM1 — this is a DNS change and takes around 30 minutes |
| Protection rule set to “monitor only” or “p=none” | The setting exists but is in watch mode — it records fake email attempts but does not actually block or filter them. Fake emails sent in your name are still getting through. | Upgrade the setting | Contact DM1 — the setting needs to move from monitoring to enforcement |
| All three settings found and correct | Your email authentication is properly configured. Your business name and address are protected, and your legitimate emails have the best possible chance of reaching the inbox. | All good ✓ | No action needed — review annually or after any email platform change |
Do You Use a Separate Program to Filter Your Business Email?
Some businesses use a separate product that sits in front of their email and checks every message for threats before it reaches their inbox. Common examples include Trend Micro, Sophos, Barracuda and similar services. If your business uses one of these, there is an important extra consideration.
What a third-party email filter does to your setup
Products like Trend Micro, Sophos or Barracuda sit between your email server and the outside world. They check all your incoming email for threats before it reaches your inbox. That is useful — but it means your outgoing email travels through their servers before being delivered. For your first setting (who is allowed to send email as you) to work correctly, the email filter company’s sending servers need to be listed in that setting. If they are not, your own legitimate emails will look suspicious to the outside world.
Why this is one of the most common problems DM1 finds
A business installs an email filter years ago. The IT person who set it up leaves. Nobody updates the email settings. The filter is still running — but the setting that says it is allowed to send on the business’s behalf was never added or has since become outdated. Emails have been quietly underperforming in inboxes for years, and nobody connected the two things. DM1 finds this situation regularly when taking on new clients.
Is Your Email Running Through Your Website Host?
Before you run your check, it helps to know that the result you get will depend heavily on what type of email setup you have. If your email runs through your website hosting provider, the results are almost certainly going to show problems — and fixing them properly means more than just changing a setting.
Is your email running through your website host? Your settings are almost certainly incomplete.
If your email runs through the same company that hosts your website — Crazy Domains, VentraIP, Netregistry, SiteGround or similar — the three settings above are rarely configured correctly. The email seal (Setting 2) in particular requires access to your mail server to set up, and most web hosting providers either do not support it or do not configure it by default.
This means that even if your domain name shows a basic setting for who can send email as you, the seal and the protection rule are almost certainly missing — leaving your clients open to receiving convincing fake emails in your name.
Fixing this properly means moving your email to a dedicated business email platform. See our email platform comparison page for a plain-English explanation of the options.
Real Situations DM1 Has Fixed for Perth Businesses
These are real situations based on DM1’s experience with new clients. Business names and details are not included, but the problems and fixes are genuine.
Discovered during DM1 new client onboarding
Quotes and proposals going to junk for over a year
When a Perth professional services firm joined DM1, our standard new client setup check immediately identified that their first email setting had never been configured by their previous IT provider. Their quotes and proposals had been landing in clients’ junk folders for well over a year. It was corrected during the onboarding process on day one. The business had no idea the problem existed.
Discovered during DM1 new client onboarding
Fake invoices had already been sent before they switched to DM1
A Perth business that moved to DM1 mentioned during onboarding that a supplier had received a suspicious email appearing to come from them months earlier, requesting a bank account change. Our new client checks confirmed all three email settings were missing — none had been put in place by their previous IT provider. That gap was what allowed the fake email to be sent in the first place. DM1 corrected all three settings on day one of the engagement.
Discovered during DM1 new client onboarding
An email filter left over from a previous IT company, silently causing problems
A business that moved to DM1 had a third-party email filter their previous IT company had installed and then never maintained. Our new client checks found that the email setting authorising that filter to send on the business’s behalf had never been configured correctly. Outgoing emails had been silently marked as suspicious by other mail servers for years. Identified and resolved by DM1 on the first day of the engagement.
Why DM1?
DM1 has been supporting Perth small businesses since the 1970s. We are an authorised Microsoft CSP partner and we manage Microsoft 365 environments across more than a dozen Perth businesses. Checking and correcting email settings is one of the first things DM1 does when taking on a new client — because in our experience, the majority of Perth businesses have at least one of the three settings missing or misconfigured.
Not Sure What Your Results Mean?
Take a screenshot of each check result and send it to DM1. We will tell you exactly what needs fixing, what it means for your business, and what it will cost to sort out — no obligation, no jargon.