Your First Scan
What to expect when VouchCore scans your primary domain for the first time.
What Gets Scanned
On initial enrollment, VouchCore scans your primary domain's:
- SPF Record — Is it published? What mechanism does it use? Is it enforced (-all) or permissive (~all)?
- DMARC Policy — Is it published? What policy is in effect (none/quarantine/reject)? What percentage of mail is covered?
- DKIM Status — Passive DNS cannot confirm active DKIM signing, but the scan identifies common selectors and flags if verification is needed.
- Conviction Score — A composite 0–100 trust score derived from the above signals and threat feed correlation.
Reading Your Results
Results are presented in three sections: Posture Score (your composite trust rating), Protocol Controls (individual SPF/DMARC/DKIM status cards), and the Remediation Checklist (prioritized action items with plain-language consequence statements).
Each finding includes a consequence sentence — not just what the technical state is, but what it means for your organization's exposure. A DMARC policy of "none" doesn't just mean "monitoring only" — it means attackers can send email that appears to come from your domain and it will be delivered.
After Your First Scan
After reviewing your baseline posture, the recommended next step is an Institutional Briefing — a direct conversation with the VouchCore team to review your specific findings, discuss prioritization, and determine fit for your organization's needs and budget.