Quinji Logo
Quinji
← All Packages
✉️ Email Security

Email Authentication & Anti-Spoof Protection.

SPF, DKIM, DMARC — set up correctly, enforced safely, and monitored ongoing. Stop spoofing, protect your domain reputation, and land in the inbox.

One-Time Packages

Audit your current setup, build it from scratch, or move to full DMARC enforcement. All include a 7-day warranty.

Package 1

Email Authentication Audit

Best for: Find out exactly what's broken or missing before fixing it

$199
Per domain · One-time
1–2 business days
SPF record review — syntax, include chain, too-many-lookups, softfail vs fail
DKIM key review — key length, rotation status, selector hygiene
DMARC record review — policy level, alignment mode, reporting setup
MTA-STS and BIMI readiness check
Subdomain spoofing exposure check
SMTP relay review — open relay risk, authenticated sending review
Email sending infrastructure mapping (which services send as your domain)
Full written report: every finding with severity and exact fix
Package 2Most Popular

SPF / DKIM / DMARC Setup

Best for: Get authentication set up correctly from scratch or fix a broken setup

$349
Per domain · One-time
2–3 business days
SPF record created or corrected — clean, minimal, no redundant lookups
DKIM keys generated and configured for all sending sources
DMARC record deployed at monitoring policy (none) to start safely
Alignment verified between SPF, DKIM, and DMARC
DMARC reporting setup — aggregate (rua) and forensic (ruf) reports configured
Subdomain policy set to prevent subdomain spoofing
Verification run post-deployment — test emails, header inspection
Handover document: what was set up, what to watch, next steps
Package 3

Anti-Spoof Hardening + DMARC Enforcement

Best for: Move from p=none to p=quarantine or p=reject safely — full enforcement

$599
Per domain · One-time
3–7 business days
Everything in Package 2, plus:
Full sending source discovery — every system sending as your domain identified
Align all sending sources with SPF/DKIM before policy tightening
Staged DMARC rollout plan: none → quarantine → reject, with criteria
DMARC report analysis — identify legitimate senders failing auth
Policy enforcement at p=quarantine or p=reject once safe
SMTP security hardening (TLS enforcement, relay controls)
Post-enforcement monitoring — verify no legitimate mail is blocked

Add-Ons

Extend any package with these optional extras.

Additional domain (same audit or setup scope)$99/domain
Google Workspace / Microsoft 365 DKIM setup$99
Cold email infrastructure review (warm-up, reputation, deliverability)$249
MTA-STS policy setup$99
BIMI setup (brand logo in inbox)$199
Transactional email provider audit (SendGrid, SES, Postmark, etc.)$149

Monthly Monitoring Plans

DMARC doesn't end at setup. Ongoing monitoring catches new spoofing attempts and legitimate sender misalignments.

DMARC Monitor

$99/month
1 domain · Async support
Extra: $70/hour for additional work
  • Weekly DMARC aggregate report review
  • Alerts for new unauthorized sending sources
  • Quarterly alignment health check
  • Email support for deliverability questions

Email Security Care

$249/month
Up to 3 domains · 2 support hours/month
Extra: $65/hour beyond included
  • Everything in DMARC Monitor, plus:
  • Monthly DMARC report deep-dive with recommendations
  • Proactive alignment fixes if new senders detected
  • Blacklist monitoring (domain + sending IPs)
  • Response within 24 business hours

Deliverability Partner

$499/month
Up to 8 domains · 4 support hours/month
Extra: $60/hour beyond included
  • Everything in Email Security Care, plus:
  • Full deliverability monitoring (inbox placement, reputation scores)
  • Proactive remediation for blacklisting or policy failures
  • Quarterly infrastructure review
  • Priority response

What's Not Included

  • Email hosting or mailbox costs (client's own)
  • ESP / transactional email provider subscription
  • Domain registrar or DNS hosting fees
  • Legal or compliance advisory (CAN-SPAM, GDPR, etc.)
  • Email copywriting or campaign management
  • Reputation recovery from severe blacklisting (quoted separately)

🔒 No Changes Without Approval

All DNS changes are documented and shared before being applied. Nothing changes without your explicit sign-off.

🛡️ 7-Day Warranty

If authentication fails post-setup due to something in scope, it's fixed at no extra charge within 7 days.

Is your domain being spoofed?

Book a call — we'll check your current setup in minutes and tell you exactly what needs fixing.

Book a Security CallRequest a Quote
Book a Free Call