MailParse/Tools/DMARC Checker
DNS policy lookup

Free DMARC Checker

A DMARC checker looks up the TXT record at _dmarc.yourdomain.com, explains the active policy, and flags missing reporting, rollout, or subdomain settings that affect spoofing protection.

Use it before moving from p=none to p=quarantine or p=reject. For the full domain picture, run the Email Authentication Scorecard.

Check a domain

Enter the bare domain - no protocol or path.

Try:

How to use this DMARC checker

Step 1

Enter a domain

Type the bare domain you want to inspect, such as example.com.

Step 2

Look up the DMARC record

The checker queries the TXT record at _dmarc.yourdomain.com and parses the DMARC tags.

Step 3

Review policy and reporting

Check the policy, rollout percentage, aggregate reports, forensic reports, and subdomain policy.

Step 4

Apply the fixes

Use the remediation list to move from missing or monitoring-only DMARC toward p=quarantine or p=reject.

Frequently asked questions

What is a DMARC record?

A DMARC record is a DNS TXT record published at _dmarc.yourdomain.com. It tells receiving mail servers what to do when email claiming to be from your domain fails SPF or DKIM alignment.

What is the best DMARC policy?

The strongest DMARC policy is p=reject with pct=100 after you have verified legitimate senders. Many domains start with p=none for monitoring, move to p=quarantine, and then enforce with p=reject.

Why does DMARC need rua reports?

The rua tag sends aggregate reports that show which services send mail for your domain and whether they pass authentication. Without rua reports, it is harder to move safely from monitoring to enforcement.

What does pct mean in DMARC?

The pct tag controls the percentage of failing messages affected by the policy. pct=100 applies the policy to all messages and is the recommended final state for enforcement.

Do I need SPF and DKIM before DMARC?

Yes. DMARC relies on SPF or DKIM alignment. A domain can publish DMARC first for visibility, but enforcement works best after legitimate mail passes SPF or DKIM consistently.

Related tools

SPF Record Checker

Validate SPF syntax, lookup count, and dangerous mechanisms like +all.

DKIM Checker

Look up DKIM selectors, parse public keys, and verify key strength.

DMARC Record Generator

Generate a compliant DMARC TXT record with policy and reporting tags.

Email Authentication Scorecard

Grade SPF, DKIM, DMARC, BIMI, MX, and TLS-RPT in one report.

BIMI Record Checker

Validate BIMI record, logo URL, and certificate readiness.

Email Header Analyzer

Decode raw email headers and inspect message-level authentication results.

Need DMARC results on every inbound email?

MailParse parses inbound MIME into structured JSON and extracts SPF, DKIM, and DMARC authentication results from each message.

Get Started FreeLearn more about MailParse