DMARC Checker
Enter a domain to look up its DMARC record at _dmarc.<domain> and read back the published policy. DMARC tells receiving mail servers what to do with messages that fail SPF and DKIM, and it is what stops attackers from spoofing your visible From address.
Want everything at once? Run a full domain report (WHOIS, DNS, SSL, headers, reputation, subdomains).
New to this? Read DMARC Explained: Policies, Reports, and Setup.
Frequently asked questions
What does the DMARC policy value mean?
The p= tag sets the policy. p=none only monitors and reports, p=quarantine sends failing mail to spam, and p=reject blocks it outright. Reject gives the strongest protection against spoofing, but most domains start at none to gather reports before tightening.
Why is no DMARC record found?
The domain has not published a TXT record at _dmarc.<domain> starting with v=DMARC1. Without one, receivers have no instruction for handling forged mail from your domain, so spoofed messages are more likely to be delivered.
Is DMARC enough on its own?
No. DMARC builds on SPF and DKIM. SPF authorises sending servers and DKIM signs the message, while DMARC ties them to your domain and tells receivers what to do on failure. All three are expected for reliable delivery to major mailbox providers.