DMARC Record Checker

Verify your domain's DMARC policy to protect against email phishing and spoofing.

>_
Enter a domain to check DMARC records
Results will show DMARC policy details and reporting configuration

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol that builds on SPF and DKIM. It tells receiving mail servers what to do when an email fails authentication checks and where to send reports about those failures.

Example

_dmarc.example.com. 300 IN TXT "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"

This record instructs receivers to reject emails that fail authentication and send aggregate reports to dmarc@example.com.

DMARC Policy Types

  • p=none — Monitor only. No action is taken on failing emails. Use this to collect data before enforcing a policy.
  • p=quarantine — Failing emails are sent to the spam/junk folder. A good intermediate step before full enforcement.
  • p=reject — Failing emails are rejected outright. The strongest protection against spoofing.

Common DMARC Tags

  • rua — Aggregate report destination (e.g. mailto:reports@example.com)
  • ruf — Forensic report destination
  • pct — Percentage of messages subject to the policy (default 100)
  • sp — Policy for subdomains
  • adkim — DKIM alignment mode (r=relaxed, s=strict)
  • aspf — SPF alignment mode (r=relaxed, s=strict)