Skip to main content

DMARC Record Checker

The implementation of DMARC starts with the publishing of a valid DMARC record. The dmarcian DMARC Record Checker is a diagnostic tool that allows you to view the DMARC record of any given domain and test if the TXT record is valid and published correctly.

NOTE: The new Yahoo and Google DMARC requirement will be enforced beginning February 2024 for higher volume senders. We’ve written a guide to help you prepare for the mandate and to ensure your emails won’t be disrupted.

Why test your DMARC record?

  • Find out if your record has been published correctly
  • Prevent mistakes in the formatting of your record
  • Get more information about the possible extra parameters
  • Find out where your DMARC reports are being sent to

Our tools are under maintenance. Please try again later.

Warning

Error

Access/bookmark this inspection at

Did you mean

?

Tag

Translation

DMARC record policy details and comments:

You have a valid DMARC record that provides visibility into the entirety of your email program(s) and helps ensure you meet email sending best practices as well as select Yahoo and Google’s new sending requirements. Your domain however is not fully protected against abuse. Learn more about DMARC here Getting Started with DMARC or additional information about Yahoo and Google’s new sender requirements.

Optional Tags are present

Optional tags vary from defaults and provide additional control over a number of controls. These tags are explained in detail in the Legend below.

Value

Default

We were unable to find a DMARC record. As a result, this domain is not protected against abuse and likely does not meet the new Google and Yahoo sender requirements.

Add DMARC to disallow unauthorized use of your email domain to protect people from spam, fraud and phishing.

Great Job! You have a valid DMARC record that provides visibility into the entirety of your email program(s) and helps ensure you meet email sending best practices.

Your DMARC record seems to have some syntax errors. Your next step should be to solve this issue to restore visibility into your email programs and protections.

This is most often a typo or syntax error with the DMARC record in your domain's DNS. This is almost always a TXT record at location/target _dmarc. (example: _dmarc.example.com). You can use our DMARC Record Wizard to help you rebuild it correctly.

Click here to read our "Getting Started with DMARC" guide.

Get started with your DMARC project in just a few minutes with our Free 14 Day Free trial. No credit card required to register.

Get started

The organizational domain of this sub-domain is

Receivers will apply POLICY_DOMAIN's DMARC record to DOMAIN's email (because DOMAIN does not have its own explicit policy).

A policy of "PARENT_POLICY" would be applied to unauthorized DOMAIN email.

Though you do have a valid DMARC record, it doesn't look like you have a dmarcian account we were able to find. If you'd like our help with your DMARC project, you can start a free 14-day trial. No credit card required to register.

Enter domain

Inspect the domain

Legend
TAGDEFAULTTRANSLATION
vDMARC1The DMARC version should always be “DMARC1”. Note: A wrong, or absent DMARC version tag causes the entire record to be ignored.
pnonePolicy applied to emails that fails the DMARC check. Authorized values: “none”, “quarantine”, or “reject”. “none” is used to collect feedback and gain visibility into email streams without impacting existing flows. “quarantine” allows Mail Receivers to treat email that fails the DMARC check as suspicious. Most of the time, they will end up in your SPAM folder. “reject” outright rejects all emails that fail the DMARC check.
adkim rSpecifies “Alignment Mode” for DKIM signatures. Authorized values: “r”, “s”. “r”, or “Relaxed Mode”, allows Authenticated DKIM d= domains that share a common Organizational Domain with an email’s “header-From:” domain to pass the DMARC check. “s”, or “Strict Mode” requires exact matching between the DKIM d= domain and an email’s “header-From:” domain.
aspfrSpecifies “Alignment Mode” for SPF. Authorized values: “r”, “s”. “r”, or “Relaxed Mode” allows SPF Authenticated domains that share a common Organizational Domain with an email’s “header-From:” domain to pass the DMARC check. “s”, or “Strict Mode” requires exact matching between the SPF domain and an email’s “header-From:” domain.
spp= valuePolicy to apply to email from a sub-domain of this DMARC record that fails the DMARC check. Authorized values: “none”, “quarantine”, or “reject”. This tag allows domain owners to explicitly publish a “wildcard” sub-domain policy.
fo 0 Forensic reporting options. Authorized values: “0”, “1”, “d”, or “s”. “0” generates reports if all underlying authentication mechanisms fail to produce a DMARC pass result, “1” generates reports if any mechanisms fail, “d” generates reports if DKIM signature failed to verify, “s” generates reports if SPF failed.
rufnoneThe list of URIs for receivers to send Forensic reports to. Note: This is not a list of email addresses, as DMARC requires a list of URIs of the form “mailto:address@example.org”.
ruanoneThe list of URIs for receivers to send XML feedback to. Note: This is not a list of email addresses, as DMARC requires a list of URIs of the form “mailto:address@example.org”.
rfafrfThe reporting format for individual Forensic reports. Authorized values: “afrf”, “iodef”.
pct100The percentage tag tells receivers to only apply policy against email that fails the DMARC check x amount of the time. For example, “pct=25” tells receivers to apply the “p=” policy 25% of the time against email that fails the DMARC check. Note: The policy must be “quarantine” or “reject” for the percentage tag to be applied.
ri86400The reporting interval for how often you’d like to receive aggregate XML reports. You’ll most likely receive reports once a day regardless of this setting.

Get your domains into compliance.
Try out dmarcian for free!