About DNS Export — Free DNS Lookup & Email Audit Tools

What this is

DNS Export is a single small website that does three things well: look up DNS records, check how a record is propagating across global resolvers, and audit a domain's email-security posture (SPF, DMARC, DKIM, MTA-STS, BIMI). Every answer can be exported to CSV, JSON, XML, BIND zone, or PDF.

Why we built it

Most public DNS tools fall into one of two buckets: stripped-down command-line wrappers that only show A and MX, or enterprise dashboards that hide the answer behind a signup wall. The middle ground — show every record type, every resolver, every email-auth detail, then let me export the result — kept missing. DNS Export is that middle ground.

What makes it different

Every record type. A, AAAA, MX, TXT, NS, SOA, CAA, SRV, CNAME, PTR, DNSKEY, DS, RRSIG, NSEC, NSEC3, SSHFP, TLSA, NAPTR, SVCB, HTTPS, HINFO, and SPF — 22 types queried in parallel.
Real propagation check. Four global resolvers in parallel (Cloudflare, Google, AdGuard, AliDNS) so you can see geo-DNS variance and in-flight propagation.
Email audit that tells you how to fix things. Beyond grading SPF/DMARC/DKIM, we auto-detect your mail provider from MX and generate a ready-to-paste record with the correct includes for Google Workspace, Microsoft 365, Fastmail, Zoho, Proton Mail, Amazon SES, SendGrid, Mailgun, iCloud, and MailerLite.
Export, not just view. CSV for spreadsheets, JSON for scripts, XML for tooling, BIND for zone migration, PDF for client deliverables.
No accounts, no tracking, no data stored. Built as a public utility, not a funnel.

Who it's for

Engineers who need to verify a CNAME flip propagated. Sysadmins migrating a zone. Email marketers checking why deliverability dropped. Security folks auditing a domain's anti-spoofing posture. Developers exporting records for a documentation handoff. Anyone who pasted dig +short into a colleague's chat and wished there was a shareable link instead.

How it works

All DNS resolution happens over DNS-over-HTTPS (DoH), so your browser only ever talks to our server, and our server only ever talks to public DoH endpoints. No raw UDP, no firewall pain. The frontend is plain HTML and Tailwind via CDN — no SPA framework, no build step beyond static file generation. The backend is a small Node.js + Express service with a handful of routes.

Open feedback

Suggestions, bug reports, missing record types, and feature requests are welcome. See the Contact page.