Next-Gen-IT Example Deliverable · Companion Report

Sold By Shonna forwarding-domain audit report.

A focused review of soldbyshonna.com, a public real-estate marketing domain that forwards visitors to shonnaking.exprealty.com. The report separates scanner noise from the one real risk: a forwarding domain with no anti-spoofing records.

Client
Shonna King
Domain
soldbyshonna.com
Registrar / DNS
GoDaddy
Date
April 25, 2026

Executive Summary

soldbyshonna.com is not a full website or mail domain. It is a forwarding-only marketing URL. Web visitors resolve through GoDaddy DNS and GoDaddy forwarding, then redirect to the eXp Realty profile. That means many domain-health scan “errors” are not broken systems; they are symptoms of a domain that intentionally has no mailbox.

The genuine issue is that the domain has no SPF, DKIM, or DMARC posture. A domain that does not send email is still useful to attackers unless it explicitly tells receivers to reject forged mail.

1Real critical risk
~30 minEstimated DNS hardening time
9/9Blacklist checks clean
Best fix: publish a null SPF record and strict DMARC reject policy so forged mail from @soldbyshonna.com is rejected.

Posture Snapshot

52

Audit posture score: 52 / 100

Forwarding works, DNS is structurally sound, and reputation is clean. The score is dragged down almost entirely by missing anti-spoofing controls on a domain nobody is monitoring for email.

Blacklist reputation100
DNS configuration88
Domain forwarding70
Anti-spoofing protection5

Infrastructure Identification

AreaObserved / inferred stateAudit interpretation
Registrar GoDaddy High-confidence inference from domaincontrol.com nameservers and SOA evidence.
DNS host ns07.domaincontrol.com / ns08.domaincontrol.com GoDaddy default DNS pool. DNS administration should be centralized there.
A records 3.33.251.168 and 15.197.225.128 Both reverse-resolve to an AWS Global Accelerator endpoint used by GoDaddy forwarding.
Web behavior 301/302 redirect to https://shonnaking.exprealty.com/ Working as a forwarding domain. Scanner HTTP 403 noise is consistent with forwarding service behavior.
Mail records No MX, SPF, DKIM, or DMARC records published No MX is acceptable for a no-mail domain; missing SPF/DMARC is the real spoofing risk.

Current-State Architecture

WEB VISITOR · WORKING AS DESIGNED Visitor soldbyshonna.com GoDaddy DNS domaincontrol.com GoDaddy Forwarding AWS Global Accelerator eXp Realty Profile shonnaking.exprealty.com ATTACKER SPOOFING EMAIL · CURRENTLY UNBLOCKED Attacker forges @soldbyshonna.com Receiver checks DNS SPF none · DMARC none Message can pass No reject instruction Risk brand spoofing Recommended DNS posture: publish a null SPF record and a DMARC reject policy for this no-mail domain.
Figure 1 — Forwarding works correctly, but email anti-spoofing is absent.

Findings & Recommended Actions

Critical

No anti-spoofing protection on a no-mail domain

Because there is no SPF or DMARC record, receivers are not instructed to reject forged email claiming to come from @soldbyshonna.com.

Host: soldbyshonna.com Type: TXT Value: v=spf1 -all Host: _dmarc.soldbyshonna.com Type: TXT Value: v=DMARC1; p=reject; rua=mailto:dmarc-reports@shonnaking.com; fo=1
Expected

No MX records are published

This is acceptable for a forwarding-only marketing domain. Do not add mailboxes unless the business intentionally plans to send or receive mail from this domain.

Noise

Scanner errors overstate the actual problem

The public scanner flags missing mail infrastructure, but the correct interpretation is not “build mail.” The correct action is “prove this domain never sends mail.”

Sequenced Remediation Roadmap

01
Day 1
Publish null SPF. Add v=spf1 -all at the root of the domain.
02
Day 1
Publish DMARC reject. Add p=reject because this domain should not send mail.
03
Day 1
Re-scan domain health. Confirm SPF/DMARC resolve publicly and scanner noise collapses.
04
Ongoing
Keep forwarding documented. Record that GoDaddy DNS/forwarding is intentional and that primary email lives on shonnaking.com.
View primary-domain report Back to Next-Gen-IT examples