Looking for an MXToolbox alternative?
MXToolbox is a broad network-diagnostics site — blacklists, MX, DNS, SMTP — and it is genuinely good at that. CanItSend is narrower and API-first: SPF, DKIM and DMARC only, delivered as JSON, with correct RFC 7208 lookup counting, SPF flattening, bulk auditing, public self-serve pricing and a free tier. Choose MXToolbox for one-off browser diagnostics across many protocols; choose CanItSend when you need email authentication checks in code.
Where MXToolbox is the right tool
Let's be fair about this, because vendor-comparison pages that pretend the incumbent is bad are not useful and nobody believes them. MXToolbox covers blacklist lookups, MX records, DNS health, SMTP diagnostics, and a great deal more. It is free for casual use, it has been reliable for years, and if you want to check whether an IP is on a blocklist, you should just go use it.
Where it isn't
It is a diagnostics site first. If what you need is email authentication checking as a programmable service — in CI, in an onboarding flow, across fifty client domains on a schedule — that is a different product shape.
| MXToolbox | CanItSend | |
|---|---|---|
| Scope | Broad: blacklists, MX, DNS, SMTP, more | Narrow: SPF, DKIM, DMARC |
| Primary interface | Web UI | JSON API |
| Pricing | Tiered; API on paid plans | Public, self-serve, free tier |
| Get a key | Sign-up flow | Emailed in ~30 seconds |
| SPF flattening | — | Yes, as an endpoint |
| Bulk / roster audit | — | POST /v1/audit/bulk |
| OSS clients | — | npm + PyPI |
mx mechanism costs one lookup — not one per host returned. A tool
that counts per-host will inflate the number and can tell you a healthy record is over the limit.
Don't take our word for it; the spec is short and the section is
right here.
Compare on your own domain
Run the same domain through both and see whether the numbers agree.
If you want DMARC report analytics
We don't do that, and it would be dishonest to imply otherwise. Ingesting and visualising DMARC aggregate reports over time is a real product category — dmarcian, EasyDMARC, Valimail and others build it, and if that is your problem, buy one of those. We check DNS posture and we do it in code. Different job.
Frequently asked
What is a good alternative to MXToolbox for SPF and DMARC?
For browser-based, one-off diagnostics across many protocols — blacklists, MX, SMTP — MXToolbox is hard to beat and is free. For SPF, DKIM and DMARC as a programmatic JSON API you can put in CI or run across a roster of client domains, CanItSend is built specifically for that, with public pricing and a free tier.
Does MXToolbox have an API?
MXToolbox offers API access on its paid plans. The practical differences to weigh are scope (it covers far more protocols than email authentication), pricing transparency, and whether the SPF lookup count matches RFC 7208 — specifically whether the mx mechanism is counted as one lookup or one per MX host.
Why do two SPF checkers give me different lookup counts?
Almost always the mx mechanism. RFC 7208 §4.6.4 makes mx cost exactly one lookup toward the limit of 10; the A/AAAA resolution of each returned MX host falls under a separate per-mx limit and does not add to the main count. Tools that count one-per-host will report a higher number and can flag a healthy record as over the limit.
Related
- An SPF, DKIM and DMARC API — A JSON API for SPF, DKIM and DMARC over live DNS — correct 10-lookup counting, record flattening, and bulk auditing.
- The SPF 10-lookup limit, explained — SPF allows 10 DNS lookups.
- Setting up email authentication, in the right order — A working sequence for SPF, DKIM and DMARC that doesn't reject your own mail on the way.
- What an email validation API can honestly verify — Syntax, MX, disposable domains, role accounts and typos are all checkable.
Automate this → — free tier, public pricing, API key emailed in about thirty seconds. No call with anyone.