Google Workspace DNS Checker
A one-click DNS audit for Google Workspace domains
📬 Google Workspace DNS Checker
Enter a domain hosted on Google Workspace / Gmail. We check the records that matter for a Google tenant: SPF includes _spf.google.com, the DKIM google selector, DMARC, an MX pointing to Google's mail servers, and MTA-STS.
Try an example: google.com · youtube.com
Frequently Asked Questions
Common questions about Google Workspace DNS configuration.
What SPF record do I need for Google Workspace?
The minimum is v=spf1 include:_spf.google.com -all. If you also send through third-party services, add their includes too, but keep an eye on the 10-DNS-lookup limit. -all is recommended. ~all is acceptable while you're still migrating.
What is the DKIM selector for Google Workspace?
Google Workspace defaults to the selector google, so the DKIM TXT record lives at google._domainkey.<your-domain>. If you picked a custom selector when generating the key in the Google admin console, this checker won't find it under google. Run /dkim with your custom selector to confirm.
What MX should my domain point to?
Google Workspace now uses a single high-priority MX: smtp.google.com with priority 1. Older tenants used five hosts (aspmx.l.google.com plus alt1 through alt4.aspmx.l.google.com). Both are valid. Google recommends new tenants use the single-host setup.
Do I need MTA-STS on Google Workspace?
It is worth doing. MTA-STS prevents downgrade attacks on inbound TLS. For Google-hosted domains, publish a TXT record at _mta-sts.<your-domain> and a policy file at https://mta-sts.<your-domain>/.well-known/mta-sts.txt listing aspmx.l.google.com and the alt hosts.
Does Google support Autodiscover?
Not natively. Google Workspace mailboxes are accessed via IMAP, POP, SMTP, or the Gmail web and mobile apps. If you need Outlook to auto-configure against Gmail, install Google's Workspace Sync for Microsoft Outlook (GWSMO). It handles the configuration on the client side without needing an Autodiscover record.