How It Works

This is the technology behind Radar. The system receives an email address representing a target message system to be tested, generates a test email that requests a reply, and sends it to the target. When the reply comes back, the system analyzes both the test message and the reply across a specific set of security checks:

• TLS encryption analysis: is the connection encrypted?
• MX record exposure: do MX records reveal internal infrastructure?
• DKIM presence: are messages properly signed?
• SPF presence: is the sender policy framework configured?
• DMARC presence: is domain-based message authentication enforced?
• Reputational information: what is the domain’s reputation?
• Reverse DNS lookup consistency: does the rDNS match?

Each failed check produces a score deduction factor. The system aggregates these deductions into a security score, displays the score, and provides specific recommendations for fixing each identified weakness.

What Makes It Different

• Proactive, not reactive: actively tests email infrastructure to find weaknesses before attackers do.
• Test-and-reply methodology: sends real test emails and analyzes the actual replies, testing production configurations rather than simulated environments.
• Deduction-based scoring: starts from a baseline and deducts for each security weakness, producing a clear, quantified security score.
• Actionable recommendations: doesn’t just identify problems, it displays specific system modifications to address each score deduction.

Why It Matters

Most organizations don’t know what their email security posture actually looks like. They configure SPF and DMARC once and assume everything is working. This system validates those assumptions by actually testing the email infrastructure end-to-end—finding misconfigurations, missing authentication, and policy gaps that create real risk.

For MSPs, it’s the foundation for offering email security assessments as a service—showing prospects a concrete security score and exactly what to fix.