API vs dig: Why Raw Lookups Fail at Interpretation
dig is a great tool for looking up records, but lookups are only a small part of a security check. Veldica does the hard work of checking those records against official rules and finding gaps in your security that basic tools miss.
Overview
dig is a great tool for looking up records, but lookups are only a small part of a security check. Veldica does the hard work of checking those records against official rules and finding gaps in your security that basic tools miss.
Engineers who need to move past manual record checks to automated security auditing that follows the rules.
Finding a record with dig doesn't tell you if it's safe, correct, or if it will actually stop spoofing.
Clear results that check all the technical details that manual tools like dig leave behind.
Current workflow
The manual work needed to turn a raw DNS string into a security result.
- Run a
digcommand to see the SPF record. - Check the text by hand for errors and missing parts.
- Follow every link in the record to count the total lookups.
- Check other records to see if they all work together correctly.
- Write down the risks and how to fix them for your team.
Where it breaks
Simple lookups provide the text but not the context. That's why manual checks fail when you have many domains.
- Manual checks are error-prone and slow down when you have hundreds of domains.
- Teams often miss nested SPF rules that cause errors because you only see the main record.
- Different people may see the same record differently, leading to inconsistent security.
- Text results from
digare difficult to use in automated tools or apps.
Replacement model
The API model moves the security logic from a person's head into a structured API response.
Use dig to get text strings and guess the security risk based on experience.
Send the domain to Veldica and get a structured JSON report with specific findings.
Use the results in your code; if the score is low, trigger an automatic alert.
Every audit uses the same expert rules, no matter who runs the check.
Verified request
curl -H 'X-RapidAPI-Key: YOUR_KEY' \
-H 'X-RapidAPI-Host: email-domain-trust-auditor.p.rapidapi.com' \
"https://email-domain-trust-auditor.p.rapidapi.com/v1/pro/audits/domain?domain=example.com"Verified response
Veldica turns a raw text record into a specific finding with a risk level and a fix.
example.com. 300 IN TXT "v=spf1 include:_spf.google.com ~all"{
"id": "spf.soft_fail",
"check": "spf",
"title": "SPF Soft-Fail (~all)",
"status": "warn",
"severity": "medium",
"evidence": "SPF record ends in ~all. This allows soft-fails.",
"fix": "Change ~all to -all once you know all your senders are set up."
}Tool comparison
The right tool depends on if you need raw text or a security decision.
Good for getting raw records. Does not check for security risks or rule compliance.
Complete security check. Finds hidden gaps, lookup limits, and setup errors automatically.
Slow and inconsistent. Hard to keep up to date as your settings change.
Keep Exploring
Use the Workflow Library to browse more guides, comparisons, and integration examples to continue your evaluation.
Start with shell and GitHub Actions before you need structured audit output.
See why checking protocols one by one leads to missing security gaps.
How to scale your security beyond spreadsheets and manual checks.
Stop guessing and start auditing
Move beyond raw lookups. Build your security steps on a stable, automated audit API.