Who is allowed to send mail as you
v=spf1 include:one.zoho.com ~all
Found 3 separate SPF records on smartlead.ai. The DNS spec only allows one — receivers treat duplicate records as broken and fail your mail.
Your SPF record doesn't authorize Google to send mail. Even though FrostSender connects via Gmail, your SPF check will fail — recipients will treat your mail as suspicious.
Cryptographic signature on every send
No DKIM record found on your domain. DKIM cryptographically signs your outgoing mail so receivers can prove it really came from you. Without it, Gmail and Outlook will mark most of your mail as suspicious or send it straight to spam.
What receivers do when SPF or DKIM fail
v=DMARC1; p=none; sp=none; adkim=r; aspf=r
Your DMARC policy is "p=none" — monitor-only mode. Inbox providers still respect your SPF/DKIM passes, but failed mail isn't quarantined or rejected. This is fine for the first 2 weeks of a new domain, but you should tighten it once your real sends are clean.
Your DMARC record has no aggregate-report address (rua=). You're missing the daily reports that show you which sources are claiming to send as your domain — including spoofers.
Where your inbound mail is delivered
aspmx.l.google.com, alt3.aspmx.l.google.com, alt4.aspmx.l.google.com, alt1.aspmx.l.google.com, alt2.aspmx.l.google.com
Want this fixed at the source?
FrostSender ships with deliverability monitoring built in. Get on the list and we’ll let you know the moment we open access.