26 of 39 AI Companies Use SPF Softfail — Their Email Can Be Spoofed

A security analysis of 39 AI companies found that 26 use an SPF "softfail" policy, meaning spoofed emails from domains like Anthropic, Google, and NVIDIA can still be delivered to inboxes. Additionally, 9 out of 39 domains have weak or absent DMARC policies, leaving organizations such as MIRI and the Alignment Forum vulnerable to email impersonation. In contrast, OpenAI, Microsoft, and Stripe enforce strict DMARC rejection policies, which block spoofed messages even when SPF is weak.

I queried the DNS records for 39 AI companies — labs, safety orgs, tooling companies — and checked their SPF and DMARC email security policies. The results are worse than I expected.

~all (softfail): including Anthropic, Google, Apple, NVIDIA, and Hugging Face
-all (hardfail): OpenAI, Microsoft, Amazon, Palantir, x.ai

SPF (Sender Policy Framework) tells receiving mail servers which IPs are authorized to send email on behalf of a domain. The all mechanism at the end defines what happens when a sender isn't on the list:

-all (hardfail): reject the message
~all (softfail): accept it, but possibly flag it
?all (neutral): no opinion
+all (pass all): accept everything

Most email servers treat softfail as "deliver normally, maybe add a spam score." Combined with weak DMARC policies, this means spoofed emails from most AI companies will land in inboxes.

Cohere stands out: 6 approved sending services with only softfail. That's a wide attack surface with weak enforcement.

DMARC tells receivers what to do when both SPF and DKIM fail. p=reject blocks spoofed messages. p=none lets them through. Counting the domains with no DMARC at all together with those running DMARC in monitoring-only mode (p=none), that's 9/39 domains (23%) with weak or absent DMARC. For AI safety organizations like MIRI and the Alignment Forum, this is notable — organizations focused on existential risk from advanced AI, vulnerable to basic email impersonation.
OpenAI (-all, p=reject), Microsoft (-all, p=reject), Anthropic (~all, p=reject), and Stripe (-all, p=reject) all have strict DMARC enforcement. Anthropic's DMARC compensates for the SPF softfail — even if SPF softfails, DMARC with p=reject will block the message.

xAI's infrastructure is unusual: an SSL certificate from a Chinese issuer (Guangdong Baota Security Technology), DMARC reports sent to Alibaba Cloud, and a domain registered in 1994 (32 years before xAI was founded). Response time: 660ms.

All data comes from public DNS records. Verify any claim:

```shell
dig +short TXT example.com          # SPF record
dig +short TXT _dmarc.example.com   # DMARC policy (note the leading underscore)
dig +short MX example.com           # Mail servers
```

I built an interactive email security checker where you can enter any domain and see its SPF policy, DMARC enforcement, approved sender list, and mail provider — all from live DNS queries. The full analysis of all 39 companies, including Anthropic domain verification records, MCPv1 cryptographic keys, and infrastructure details, is at domainintel.vercel.app/research.

Data collected May 20, 2026. All sources are public — DNS records, SSL certificates, WHOIS, HTTP headers.
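To make the SPF/DMARC reasoning above concrete (the all-mechanism table, and the point that p=reject covers Anthropic's ~all softfail), here is an added Python example; it is not the post's checker and does no live DNS lookups. It classifies the trailing all mechanism of an SPF record, extracts the DMARC p= policy, counts include: senders (the Cohere "6 approved sending services" figure), and derives the same verdict the post draws. The domain names and TXT records are constructed samples, not real records.

```python
# Constructed sample records (not real DNS answers), shaped like the TXT records the post queries.
SAMPLE_RECORDS = {
    "lab-a.example": {"spf": "v=spf1 include:_spf.google.com ~all",
                      "dmarc": "v=DMARC1; p=reject; rua=mailto:dmarc@lab-a.example"},
    "lab-b.example": {"spf": "v=spf1 include:mailgun.org include:sendgrid.net ~all",
                      "dmarc": "v=DMARC1; p=none"},
    "lab-c.example": {"spf": "v=spf1 ip4:192.0.2.0/24 -all", "dmarc": None},
}
SPF_ALL = {"-all": "hardfail", "~all": "softfail", "?all": "neutral", "+all": "pass-all"}

def parse_spf(txt):
    """Return (label of the trailing all mechanism, include: targets) for one SPF record.
    Does not follow include:/redirect= recursively, so it only sees the top-level record."""
    if not txt or not txt.lower().startswith("v=spf1"):
        return None, []
    terms = txt.split()
    all_term = next((t for t in terms if t.lower().lstrip("+-~?") == "all"), None)
    if all_term is not None and all_term.lower() == "all":
        all_term = "+all"  # a bare "all" carries the implicit "+" (pass) qualifier
    includes = [t.split(":", 1)[1] for t in terms if t.lower().startswith("include:")]
    return (SPF_ALL.get(all_term.lower()) if all_term else None), includes

def parse_dmarc(txt):
    """Return the DMARC p= policy in lower case, or None if no valid record exists."""
    if not txt or not txt.lower().startswith("v=dmarc1"):
        return None
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    return tags.get("p")

def spoof_exposure(spf_txt, dmarc_txt):
    """Combine both records into the post's verdict: does a forged From: reach the inbox?
    Simplification: real DMARC evaluation also involves DKIM and identifier alignment."""
    spf_all, includes = parse_spf(spf_txt)
    policy = parse_dmarc(dmarc_txt)
    if policy == "reject":
        verdict = "blocked by DMARC"        # p=reject covers an SPF softfail, as with Anthropic
    elif policy == "quarantine":
        verdict = "quarantined by DMARC"
    elif spf_all == "hardfail":
        verdict = "SPF hardfail only (no DMARC enforcement)"
    else:
        verdict = "spoofable"               # softfail/neutral/pass-all with p=none or no DMARC
    return {"spf_all": spf_all, "includes": len(includes), "dmarc_p": policy, "verdict": verdict}

def audit(records):
    """Run spoof_exposure over a {domain: {"spf": ..., "dmarc": ...}} mapping."""
    return {domain: spoof_exposure(r["spf"], r["dmarc"]) for domain, r in records.items()}
```

Feeding it the output of the dig commands above for a real domain gives the same classification the post's tables use.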