DMARC Check
Inspect DMARC policies for a domain
DMARC records define how to handle SPF/DKIM failures.
Type a domain to check DMARC records (stored at _dmarc.domain).
What is DMARC?
DMARC builds on SPF and DKIM to define how receivers handle failed authentication.
DMARC policy options
Policies include none, quarantine, and reject, with optional reporting addresses.
Why DMARC matters
DMARC protects users from phishing and gives domain owners visibility into abuse.
DMARC records explained
DMARC policies are published as TXT records at the _dmarc subdomain.
The policy (p=) tells receivers how to treat messages that fail SPF or DKIM alignment.
Example DMARC record
DMARC records include policy and reporting details.
| Host | Value | TTL |
|---|---|---|
| _dmarc | v=DMARC1; p=quarantine; rua=mailto:[email protected] | 3600 |
Start with p=none to monitor before enforcing.
Use rua/ruf tags for aggregate and forensic reporting.
Common DNS errors
NXDOMAIN
The domain does not exist in DNS. Check the spelling or registration status.
SERVFAIL
The resolver failed to answer. This can be caused by DNSSEC issues or upstream outages.
Timeout
The DNS server did not respond in time. Try again or check connectivity.
Frequently Asked Questions
Where is the DMARC record stored?
DMARC records are stored at the _dmarc subdomain of the root domain.
What does p=none mean?
It means monitor only. Mail is delivered but reports are generated.
Why is DMARC missing?
The domain may not publish DMARC yet, or the record is on a different host.