DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol that builds on SPF and DKIM to protect your domain from email spoofing.

What does p=reject mean?

p=reject tells receiving mail servers to reject any emails that fail DMARC alignment checks, providing the strongest protection against spoofing.

DMARC Record Checker

Enter a domain to inspect its DMARC policy and email security configuration.

Domain Name

Server processing — your query is handled securely on our servers.

How to use DMARC Record Checker

The DMARC Check tool retrieves and decodes a domain’s DMARC record, showing its policy, alignment mode and reporting addresses so you can confirm your domain is protected against spoofing. DMARC builds on SPF and DKIM by telling receiving servers what to do when a message fails authentication and where to send aggregate reports. A correct DMARC record is essential for stopping criminals from sending phishing email that appears to come from your domain, and many large mailbox providers now expect one before granting full inbox placement.

Enter the domain whose DMARC policy you want to inspect.
Click Check to fetch the _dmarc TXT record from DNS.
Read the policy (none, quarantine or reject) and percentage.
Confirm the rua reporting address is set to collect feedback.
Tighten the policy gradually as your reports confirm legitimate senders pass.

DMARC policies explained

The p= tag sets the policy applied to mail that fails authentication. p=none only monitors and collects reports without affecting delivery, which is the safe starting point. p=quarantine sends failing mail to spam, and p=reject blocks it entirely. The recommended rollout is to start at none, study the aggregate reports to confirm every legitimate sender passes SPF or DKIM with alignment, then move to quarantine and finally reject. Jumping straight to reject before validating your senders risks blocking your own legitimate mail.

DMARC policy progression
Policy	Action on failure	When to use
p=none	Monitor only	Initial rollout
p=quarantine	Send to spam	After validating senders
p=reject	Block delivery	Full enforcement

Alignment and reporting

DMARC passes only when SPF or DKIM not only succeeds but is also aligned — meaning the authenticated domain matches the visible From domain. Alignment can be strict or relaxed, set with the aspf and adkim tags. The rua tag names an address that receives daily aggregate XML reports summarising who is sending on your behalf and whether they pass; these reports are the key to safely tightening your policy. Without a rua address you are enforcing blind, so always set one even during the monitoring phase.

Glossary

DMARC: A policy record that tells receivers how to handle mail failing SPF/DKIM and where to report.
Alignment: The requirement that the authenticated domain match the visible From domain.
rua: The DMARC tag specifying where aggregate reports are sent.
Quarantine: A DMARC policy that diverts failing mail to the spam folder.
Spoofing: Forging the From address to make email appear to come from a trusted domain.

Frequently Asked Questions

Free · No spam

Get weekly tool tips & updates

New tools, power-user tips, and productivity hacks — delivered free every Friday.

No spam, ever. Unsubscribe with one click.

Why use DMARC Record Checker?

Real-time DNS lookups using live resolver queries
Supports IPv4 and IPv6 addresses
No software to install — runs entirely in the browser
Results include TTL values and record priority

Common use cases

Verify DNS propagation after updating nameservers
Check MX records when troubleshooting email delivery
Look up SPF/DKIM/DMARC records for email security audits
Test whether a SSL certificate is valid and up to date
Find the IP address behind a domain name

Related Network & DNS

SPF Record Checker

Check the SPF (Sender Policy Framework) record for any domain. Validate your email authentication setup and spot misconfigurations instantly.

MX Record Lookup

Look up MX (Mail Exchanger) records for any domain. Find which mail servers handle email delivery and check their priority order instantly.

DMARC Record Generator

Generate DMARC DNS TXT records for your domain. Set policy, alignment, and reporting email addresses. Free DMARC policy generator.

DNS Lookup Tool

Look up DNS records for any domain — A, AAAA, MX, NS, TXT, CNAME, SOA, and CAA records. Free, instant results pulled from authoritative nameservers.

DNS Propagation Checker

Check if your DNS changes have propagated worldwide. Test A, MX, and NS records across 8 global DNS servers to confirm updates are live everywhere.

What Is My IP Address?

Instantly find your public IP address. Shows your IPv4 address as seen by websites and servers, plus quick details about your connection.

Explore all Network & DNS.