---
title: "NCSC announces the retirement of Mail Check and Web Check: Here’s what it really means | DuoCircle"
description: "NCSC announces the retirement of Mail Check and Web Check: Here’s what it really means."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/cybersecurity/ncsc-mail-check-web-check-retirement-what-it-means/"
---

Quick Answer

The UK's National Cyber Security Centre is retiring Mail Check and Web Check on 31 March 2026\. Both tools launched in 2017 under the Active Cyber Defence programme to give UK organizations basic visibility into email authentication (DMARC adoption, alignment, spoofing attempts) and website configuration (TLS strength, outdated protocols). After retirement, organizations lose those alerts and need broader, continuous monitoring. The NCSC recommends moving to External Attack Surface Management (EASM) tools, which inventory and monitor internet-facing assets including domains, DNS records, websites, certificates, and exposed services, and provide dashboards and remediation workflows. Action items: review what Mail Check and Web Check currently cover for your domain, identify the gaps, and replace them with continuous EASM monitoring before 31 March 2026.

NCSC announces the retirement of Mail Check and Web Check: Here’s what it really means

Your browser does not support the audio element.

[ Download episode](https://media.mailhop.org/duocircle/images/2026/03/NCSC-announces-the-retirement-of-Mail-Check-and-Web-Check-Heres-what-it-really-means.mp3) 

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fcybersecurity%2Fncsc-mail-check-web-check-retirement-what-it-means%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=NCSC%20announces%20the%20retirement%20of%20Mail%20Check%20and%20Web%20Check%3A%20Here%E2%80%99s%20what%20it%20really%20means&url=undefined%2Fblog%2Fcybersecurity%2Fncsc-mail-check-web-check-retirement-what-it-means%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fcybersecurity%2Fncsc-mail-check-web-check-retirement-what-it-means%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fcybersecurity%2Fncsc-mail-check-web-check-retirement-what-it-means%2F&title=NCSC%20announces%20the%20retirement%20of%20Mail%20Check%20and%20Web%20Check%3A%20Here%E2%80%99s%20what%20it%20really%20means "Share on Reddit") [ ](mailto:?subject=NCSC%20announces%20the%20retirement%20of%20Mail%20Check%20and%20Web%20Check%3A%20Here%E2%80%99s%20what%20it%20really%20means&body=Check out this article: undefined%2Fblog%2Fcybersecurity%2Fncsc-mail-check-web-check-retirement-what-it-means%2F "Share via Email") 

![Mail Check and Web Check](https://media.mailhop.org/duocircle/images/2026/03/email-smtp-service-6788.jpg) 

Email and web security were never really a pressing concern for many organizations in the UK until 2017, when the National Cyber Security Centre introduced Mail Check and Web Check as part of its [Active Cyber Defence programme.](https://www.ncsc.gov.uk/section/active-cyber-defence/introduction) At that time, most teams had limited visibility into how their domains were configured, how secure their websites were, or whether their **email infrastructure** was operating properly. 

_The thing is, without this critical information, your systems remain vulnerable to misconfigurations and security gaps that attackers could easily exploit_. That’s when the NCSC introduced these publicly accessible tools that helped you identify and address misconfigurations or [security gaps](https://www.securitymagazine.com/articles/99770-70-of-web-applications-have-severe-security-gaps), such as missing email authentication records, weak TLS configurations, **outdated encryption protocols**, and other issues that could expose domains and websites to attack.

But today, things have changed a lot. Digital ecosystems have become far more complex, and cyberattacks have become more sophisticated. Cloud platforms, SaaS applications, and multiple third-party vendors have become integral to almost every organization, which means that to understand your true [security posture](https://www.ibm.com/think/topics/security-posture), you need visibility far beyond just your domain or website configuration. This is why the NCSC has now decided to retire Mail Check and Web Check **from 31 March 2026**. 

Here’s all that you should know about it:

[![Upgrade Your Security Tools Digital Ecosystems](https://media.mailhop.org/duocircle/images/2026/03/spf-validator-6751.jpg)](https://media.mailhop.org/duocircle/images/2026/03/spf-validator-6751.jpg)

## Why were Mail Check and Web Check even introduced?

In 2017, when Mail Check and Web Check were first introduced, they weren’t launched as permanent security solutions. Their primary purpose was to address a specific problem at the time: many security teams lacked even basic visibility into the security posture of their domains and websites.

This became a major concern for the UK government as cyberattackers started targeting weak email authentication and misconfigured domains to send fraudulent messages that appeared to originate from trusted government institutions. To address this problem and prevent unauthorized senders from sending fraudulent emails on a domain’s behalf, the government encouraged organizations to implement [DMARC](/resources/what-is-dmarc). But since implementing DMARC without monitoring is only half the job, you also need a way to track how their domains were used and whether authentication policies were working as intended.

That’s where Mail Check came in. It helped you **monitor DMARC adoption**, identify authentication gaps, and detect potential [spoofing attempts](https://www.infosecurity-magazine.com/news/infosec2025-email-domains-spoofing/). Alongside this, Web Check scanned websites for common security issues such as weak TLS configurations and outdated protocols.

Together, these tools helped you identify and fix fundamental security issues within their **digital infrastructure**. 

[![Stopping Fraudulent Senders](https://media.mailhop.org/duocircle/images/2026/03/spf-permerror-4822.jpg)](https://media.mailhop.org/duocircle/images/2026/03/spf-permerror-4822.jpg)

## What happens once Mail Check and Web Check are retired?

_From 31 March 2026, both Mail Check and Web Check will no longer be operational_. This means that if you were using these platforms to monitor your domains, email authentication, or website security posture, you will no longer have access to the insights and alerts these **tools previously provided**. 

Although these services only provided a partial picture of your digital infrastructure’s security posture, they still offered a simple way to monitor key issues related to domains, email authentication, and website configurations. But as we established earlier, to navigate **today’s threat landscape**, you need more than just basic external checks. 

After these services are retired, you will need to rely on more advanced, continuous-monitoring solutions to track your entire internet-facing infrastructure. The NCSC recommends switching to [External Attack Surface Management (EASM) tools](https://www.picussecurity.com/resource/glossary/what-is-external-attack-surface-management).

These tools tell you everything you need to know about the security posture of your **internet-facing assets**, such as domains, [DNS records](https://www.digicert.com/faq/dns/what-are-dns-records), websites, certificates, and other publicly exposed services. Moreover, these tools also allow you to manage your security risks more effectively. Most EASM platforms include dashboards that give you a clear picture of your [external attack surface](https://www.securityweek.com/cyber-insights-2026-external-attack-surface-management/), along with reports and workflow features that help you track and resolve identified issues.

These comprehensive security and management capabilities are what make EASM tools a practical replacement for platforms like Mail Check and Web Check. They go beyond the cursory checks and allow you to continuously monitor your **internet-facing infrastructure**, understand where your risks lie, and address potential vulnerabilities before attackers can exploit them.

[![NCSC announces](https://media.mailhop.org/duocircle/images/2026/03/spf-validator-6725.jpg)](https://media.mailhop.org/duocircle/images/2026/03/spf-validator-6725.jpg)

## What should you do next?

_If you have been using Mail Check or Web Check to monitor your email and web security posture, now is the time to make the switch_. You can start by reviewing how you currently monitor your domains, DNS records, websites, and [email authentication](/resources/email-authentication) settings, and **identify any gaps** that may appear once these services are retired.

Once you know what your current security posture is, you can adopt **advanced monitoring solutions** such as External Attack Surface Management (EASM) tools that give more comprehensive visibility into your internet-facing digital infrastructure. 

If you are not sure how to begin or how to transition from **Mail Check and Web Check** to the latest monitoring solutions, we are here to help. [Contact us](/contact) to learn how [DuoCircle](/) can help you stay ahead of emerging security risks.

## Topics

DMARCSecurity 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  cybersecurity 6m  Cybersecurity Basics Every College Student Should Know  Jan 21, 2026 ](/blog/cybersecurity/cybersecurity-basics-every-college-student-should-know/)[  cybersecurity 8m  DNS spoofing explained: what it is, how it works, and how to mitigate it  Nov 4, 2025 ](/blog/cybersecurity/dns-spoofing-explained-what-it-is-and-how-to-prevent/)[  cybersecurity 19m  The State of Cybersecurity in 2026: What the Data Tells Us, What It Means, and What to Do Next  May 6, 2026 ](/blog/state-cybersecurity-2026-data-insights-risks-trends-actions-next-steps/)[  Phishing 11m  AI-Generated Phishing Has Eliminated the Typo: Why Traditional Email Filters Are No Longer Enough  Apr 28, 2026 ](/blog/ai-generated-phishing-eliminates-typos-making-traditional-email-filters-ineffective/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"NCSC announces the retirement of Mail Check and Web Check: Here’s what it really means","description":"NCSC announces the retirement of Mail Check and Web Check: Here’s what it really means.","url":"https://www.duocircle.com/blog/cybersecurity/ncsc-mail-check-web-check-retirement-what-it-means/","datePublished":"2026-03-10T13:47:56.000Z","dateModified":"2026-03-10T17:33:40.000Z","dateCreated":"2026-03-10T13:47:56.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/cybersecurity/ncsc-mail-check-web-check-retirement-what-it-means/"},"articleSection":"cybersecurity","keywords":"DMARC, Security","wordCount":822,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2026/03/email-smtp-service-6788.jpg","caption":"Mail Check and Web Check","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"cybersecurity"},{"@type":"ListItem","position":3,"name":"NCSC announces the retirement of Mail Check and Web Check: Here’s what it really means","item":"https://www.duocircle.com/blog/cybersecurity/ncsc-mail-check-web-check-retirement-what-it-means/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"cybersecurity","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"NCSC announces the retirement of Mail Check and Web Check: Here’s what it really means","item":"https://www.duocircle.com/blog/cybersecurity/ncsc-mail-check-web-check-retirement-what-it-means/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"NCSC announces the retirement of Mail Check and Web Check: Here’s what it really means","description":"NCSC announces the retirement of Mail Check and Web Check: Here’s what it really means.","url":"https://www.duocircle.com/blog/cybersecurity/ncsc-mail-check-web-check-retirement-what-it-means/","datePublished":"2026-03-10T13:47:56.000Z","dateModified":"2026-03-10T17:33:40.000Z","dateCreated":"2026-03-10T13:47:56.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/cybersecurity/ncsc-mail-check-web-check-retirement-what-it-means/"},"articleSection":"cybersecurity","keywords":"DMARC, Security","wordCount":822,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2026/03/email-smtp-service-6788.jpg","caption":"Mail Check and Web Check","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```