LockIP
Enterprise-grade email security at SMB prices

Stop Email Spoofing.Protect Your Domain.

Dynamic SPF, DKIM key management, and DMARC enforcement — everything competitors charge $5,000+/year for — starting at $35/month.

Start Protecting Your DomainSee How We Compare

No setup fees • 7-day money-back guarantee • Cancel anytime

140+
Email Providers
2
DNS Lookups (Dynamic)
91%
Cheaper Than Valimail
6x
More Features Than AutoSPF

Your Domain Is Under Attack

Every day, attackers spoof legitimate domains to send phishing emails. Without proper email authentication, your brand is an easy target.

SPF Lookup Limits

The 10 DNS lookup limit means your SPF record breaks the moment you add a few SaaS providers. Emails start failing silently.

Email Spoofing

Without enforced DMARC, anyone can send emails that appear to come from your domain. Customers and partners can't tell the difference.

DKIM Mismanagement

Stale DKIM keys, missing selectors, or misconfigured records silently degrade your email deliverability and domain reputation.

Complete Email Authentication Suite

Everything you need to secure your email — SPF, DKIM, and DMARC — managed from a single dashboard.

EXCLUSIVE

Dynamic Macro-Based SPF

RFC 7208 macro-based SPF that eliminates the 10 DNS lookup limit entirely. Always 2 lookups, always under 80 characters. Provider IP changes propagate in real time via EHLO-aware delegation.

Static SPF Flattening

Recursively resolves all include, a, mx, and redirect mechanisms to explicit IP addresses. Zero DNS lookups required. Auto-refreshes every 6 hours and publishes directly to your nameservers.

DKIM Key Management

Generate RSA-1024, RSA-2048, RSA-4096, or Ed25519 keys. Configure auto-rotation schedules with 48-hour key overlap for zero-downtime transitions. One-click DNS publishing.

DMARC Report Dashboard

Automatic IMAP collection of aggregate reports from Google, Microsoft, Yahoo, and every major ISP. Visual dashboard showing pass rates, sender breakdown, and authentication results.

5-Stage Policy Wizard

Guided progression from p=none (monitoring) to p=reject (full enforcement). Each stage validates your authentication is working before recommending the next step. No guesswork.

140+ Pre-Configured Providers

Google Workspace, Microsoft 365, Amazon SES, SendGrid, Mailchimp, HubSpot, Salesforce, and 130+ more. Global coverage including providers across the US, EU, Asia, and Latin America.

PATENT-FREE IMPLEMENTATION

Dynamic SPF That Actually Works

Traditional SPF flattening is a band-aid — it solves the 10 lookup limit but breaks when providers change IPs between refresh cycles. Dynamic SPF solves the problem at the protocol level.

When a mail server checks your SPF, our system recognizes the sending server in real time, verifies it against your authorized providers, and returns a definitive pass or fail. No stale caches. No lookup limits. No record-length issues.

Our EHLO-aware delegation is a technical advantage no competitor offers — when Google sends email, we recognize their server and delegate directly to Google's own SPF record. Provider IP changes propagate instantly, with zero action required from you.

Technical Highlights

DNS Lookups: Always 2
vs. 3 for Valimail, unlimited for flattening
Record Length: ~80 characters
vs. 450+ chars for flattened records
Provider IP Changes: Instant
EHLO delegation to provider SPF in real time
Failure Mode: Graceful
Valid SPF FAIL, not NXDOMAIN errors
Protocol: Standard TXT
Fully debuggable with dig, nslookup, etc.
Fallback: Dual-mode
Switch to static flattening anytime — no lock-in

How LockIP Compares

Feature-for-feature, LockIP delivers more for less than every competitor in the market.

VendorPriceDynamic SPFStatic SPFDKIMAuto-RotateDMARCWizardProviders
LockIPBEST VALUE
$35/mo
$385/yr
140+
AutoSPF
$37/mo
$444/yr
Unknown
EasyDMARC
$72/mo
$864/yr
N/A
Skysnag
$50/mo
$600/yr
N/A
Red Sift
$100/mo
$1,200/yr
Unknown
Valimail
$400+/mo
$5,000+/yr
70M+ IPs

Pricing data gathered from public vendor websites. Competitor pricing may vary.

Up and Running in Minutes

Go from zero email authentication to full DMARC enforcement with a guided process.

1

Import Your Domain

Add your domain to LockIP and import your existing DNS zone. We automatically detect your current SPF, DKIM, and DMARC configuration.

2

Configure Authentication

Choose Static or Dynamic SPF mode, generate DKIM keys, and set up DMARC reporting. Our wizard guides you through every step.

3

Monitor & Enforce

Watch your DMARC reports in real time. Use the 5-stage policy wizard to safely progress from monitoring to full enforcement.

Simple, Transparent Pricing

One add-on, one price. Add Email Authentication to any paid LockIP plan.

Email Authentication Add-On

Available on Plus, Pro, and Elite plans.

  • Dynamic Macro-Based SPF
  • Static SPF Flattening
  • DKIM Key Management + Auto-Rotation
  • DMARC Report Collection + Dashboard
  • 5-Stage DMARC Policy Wizard
  • 140+ Pre-Configured Email Providers
  • EHLO-Aware Provider Delegation
  • Dual-Mode Flexibility (Static or Dynamic)
$35/month

$30/month for Elite plan members

Annual billing: $385/yr (save $35)

Get Started

Requires a paid LockIP DNS plan ($5+/mo)

vs. AutoSPF
$37/mo
SPF only
More features, less money
vs. EasyDMARC
$72/mo
No Dynamic SPF
51% cheaper
vs. Valimail
$400+/mo
Enterprise-only
91% cheaper

Frequently Asked Questions

What is Dynamic SPF and why do I need it?
SPF records are limited to 10 DNS lookups. If you use multiple email providers (Google Workspace, SendGrid, Mailchimp, etc.), you quickly exceed this limit and emails start failing. Dynamic SPF uses RFC 7208 macros to evaluate each email in real time against your authorized senders, eliminating the lookup limit entirely.
How does LockIP compare to Valimail?
LockIP offers a technically comparable Dynamic SPF implementation using a different (patent-free) protocol. We use include: + TXT records vs. Valimail's exists: + A records. Our approach uses fewer DNS lookups (2 vs. 3), provides graceful failure behavior, and includes EHLO-aware provider delegation that propagates IP changes instantly. The primary difference is price: LockIP starts at $35/month vs. Valimail's $5,000+/year.
Do I need to move my DNS to LockIP?
Yes, email authentication requires that your domain's zones are hosted on LockIP nameservers. This is because we need to publish SPF, DKIM, and DMARC records directly to your authoritative DNS. You can import your existing zone in seconds without any downtime.
What happens if I choose Dynamic SPF and LockIP goes down?
LockIP offers dual-mode flexibility. You can switch from Dynamic to Static SPF at any time. In Static mode, your SPF record contains explicit IP addresses with zero external dependencies. We recommend keeping a static fallback configuration as an additional safety net.
What email providers are supported?
We support 140+ email providers including Google Workspace, Microsoft 365, Amazon SES, SendGrid, Mailchimp, Mailgun, Postmark, HubSpot, Salesforce, Constant Contact, and many more. We also cover regional providers across Europe, Asia, Latin America, and Russia.
Can I use the Email Auth add-on on a Plus plan?
Yes. The Email Authentication add-on is available on any paid LockIP plan — Plus ($5/mo), Pro ($10/mo), or Elite ($25/mo). Your base plan determines the number of zones you can manage, and the add-on applies to all of them.
How long does it take to reach DMARC p=reject?
It depends on your email complexity, but our 5-stage wizard guides most organizations from p=none to p=reject within 4-8 weeks. The wizard monitors your authentication results at each stage and only recommends progressing when your pass rates are consistently high.

Your Competitors Are Already Authenticated.

Google and Yahoo now require SPF, DKIM, and DMARC for bulk senders. Don't let your emails land in spam — or worse, let attackers send as you.

Enterprise-grade email authentication. Starting at $35/month.

View Plans & PricingCreate Free Account