DMARC Record Checker verifies your domain's DMARC (Domain-based Message Authentication) policy. DMARC tells receiving servers how to handle emails that fail SPF and DKIM checks — essential for preventing email spoofing and phishing.
How to use this tool
Enter your domain name.
The tool queries the _dmarc.yourdomain.com TXT record.
See the DMARC policy and all tag values explained.
Check if reporting addresses are configured.
Review recommendations for improving your configuration.
Frequently asked questions
What is DMARC?
A policy that ties SPF and DKIM together and tells receiving servers what to do when authentication fails — none (monitor), quarantine (spam folder), or reject (bounce). Also provides reporting so you can see who sends email as your domain.
What policy should I use?
Start with p=none and set up reporting (rua tag) to monitor. After confirming all legitimate senders pass SPF/DKIM, move to p=quarantine, then p=reject. Jumping to reject without monitoring risks blocking legitimate email.
What is the rua tag?
The aggregate reporting address. Receiving servers send daily XML reports showing which IPs sent email as your domain and whether they passed/failed authentication. Essential for monitoring — use a service like Postmark or dmarcian to parse reports.
Do I need DMARC?
Yes. Without DMARC, anyone can send emails that appear to come from your domain. Gmail and Yahoo now require DMARC for bulk senders. Even small domains should set at least p=none with reporting.