Free DMARC Checker & Lookup

Verify your domain’s DMARC status and protect against phishing and spoofing in seconds.

Enter Domain to Check DMARC

Why DMARC is Important

Without DMARC Setup

  • Attackers can spoof your domain
  • Phishing emails can look like they’re sent by you
  • Your real emails may start landing in spam
  • Sender reputation drops over time

With DMARC Setup

  • Fake emails get blocked or quarantined
  • Inbox providers trust your domain more
  • You get reports showing email activity
  • Deliverability improves long-term

How DMARC Works

A systematic validation process via SPF and DKIM followed by automated policy enforcement.

Email Initiation

An email is dispatched using your domain.

Authentication Check

SPF Check
DKIM Check

Alignment Verification

DMARC ensures the 'From' header matches validated domains.

Policy Enforcement

Delivered
Quarantine
Rejected

DMARC Dependencies

DMARC requires SPF or DKIM to be correctly established within your DNS to function effectively.

SPF

Authorizes servers

DKIM

Ensures integrity

DMARC

Enforces policy

DMARC DNS Record

DMARC is published as a TXT record in DNS.

Windows
Copy
nslookup -type=TXT _dmarc.yourdomain.com
Ubuntu
Copy
dig TXT _dmarc.yourdomain.com
Result
Copy
v=DMARC1; p=quarantine; pct=50; rua=mailto:[email protected];

DMARC Tags

Policy Action
none Monitor Only
quarantine Send to Spam
reject Strict Block

v – Version

Always: v=DMARC1.

rua / ruf

Aggregate and Forensic reports.

adkim / aspf

Alignment: r (relaxed) or s (strict).

pct

Percentage rollout (e.g., pct=50).

You're just one click away from clean email lists.
Get Free Credits

Recommended Setup Path

A safe transition from monitoring to full enforcement.

Step 1: Monitor

Dmarc Record
v=DMARC1; p=none; rua=mailto:[email protected];

Run for 1–2 weeks to collect data.

Step 2: Quarantine

Dmarc Record
v=DMARC1; p=quarantine; pct=50; rua=mailto:[email protected];

Move suspicious emails to spam. Increase pct gradually.

Step 3: Reject

Dmarc Record
v=DMARC1; p=reject; rua=mailto:[email protected];

Full protection. Unauthorized emails are blocked.

FAQs

Frequently Asked Questions

Question Icon

What is DMARC and is it required?

DMARC stands for Domain-based Message Authentication, Reporting & Conformance. While not a strict protocol requirement, major providers like Google and Yahoo now require it for bulk senders to ensure email security.
Question Icon

Do I need SPF and DKIM for DMARC to work?

Yes. DMARC acts as a secondary layer that relies on SPF (Sender Policy Framework) or DKIM (DomainKeys Identified Mail) to pass and align before it can protect your domain.
Question Icon

Can DMARC break my email delivery?

If misconfigured, yes. To avoid this, it is recommended to start with a 'p=none' policy, which allows you to monitor reports without affecting delivery, before moving to stricter enforcement.
Question Icon

What is the best DMARC policy to use?

The best approach is a staged rollout: 1. Start with 'p=none' to monitor traffic. 2. Move to 'p=quarantine' to send suspicious mail to spam. 3. Finally, use 'p=reject' for maximum protection against spoofing.
Question Icon

What happens if I don’t have a DMARC record?

Without DMARC, your domain is vulnerable to email spoofing and phishing attacks. Additionally, your emails are more likely to be flagged as untrusted by modern inbox providers, hurting your deliverability.