About TamingDNS

Who builds it, why it exists, and what we stand behind.

Last updated: May 2026

Who runs this site

Paul Ogier, Technical Director at Outsource House (OSH.co.za) in Cape Town.

I've been running Google Workspace for SMB clients since 2008. Deliverability has been the recurring pain the whole time. TamingDNS is the toolkit I kept wishing existed: somewhere to throw a domain at SPF, DKIM and DMARC and get a straight answer instead of a marketing funnel.

It's a side project, not a business. Free, no ads, no plans to change that. Most of the checks run in your browser anyway, so there's nothing for me to monetise even if I wanted to.

Find me: LinkedIn · LinkedIn (OSH) · GitHub

Why it exists

The big commercial deliverability suites are good. They also assume you have a budget and a procurement cycle. Most of the people who land here don't. They're usually an IT manager whose CEO just had a payroll mail bounce off Microsoft 365 at 4pm, and they need an answer before close of business.

That's who this site is for. One click, an honest diagnosis, and somewhere obvious to click next.

A few rules I try to hold to

Every recommendation traces back to an RFC, a provider's published rule, or something I've reproduced in a real client environment. If I can't show you the source, I won't claim it.
DKIM, DMARC, MX, DNSSEC and BIMI checks run client-side in your browser over DNS-over-HTTPS. The server-side tools (email headers, bounce decoder) throw your input away the moment they've parsed it. Specifics are in the Privacy Policy.
No paid tier, no premium PDF behind an email gate, no "upgrade to see the rest of the result". What you see is what's there.
If a check is wrong, tell me at [email protected]. Every correction you send makes the tool better for the next person who runs the same check.

How recommendations are kept current

The major providers (Google, Microsoft, Yahoo, Apple) change their inbound rules faster than the RFCs do. I re-check the rules on each tool page whenever one of them announces a change, and I sweep through all of them every quarter regardless. Anything that's drifted gets corrected.

The DKIM selector dictionary, now over 100 providers, grows from live observation. When I spot a new selector belonging to a legitimate sender, it goes in.

Legal & contact

Operator: Outsource House, Cape Town, South Africa.

Email: [email protected]

Parent: OSH.co.za, the email deliverability and DMARC consultancy this all came out of.

Data: see the Privacy Policy for what each tool sends, where it goes, and how long it lives. (Short version: it doesn't.)