Verify your domain's DMARC configuration, identify issues, and protect your email reputation from spoofing and phishing attacks — completely free.
🔒 We only perform DNS lookups. No data is stored.
Understanding email authentication
DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol that helps protect your domain from being used in email spoofing, phishing, and other cybercrimes.
DMARC builds on SPF and DKIM protocols by adding policy instructions. It tells receiving mail servers what to do when an email fails authentication checks.
Without DMARC, attackers can forge emails appearing to come from your domain. This damages your brand reputation and puts your customers at risk.
Stop attackers from sending fake emails that appear to come from your domain. Protect your customers from phishing scams.
When scammers use your domain, it damages trust with your customers. DMARC ensures only authorized emails are delivered.
Major email providers (Gmail, Yahoo, Outlook) require DMARC for bulk senders. Proper configuration ensures your emails reach inboxes.
DMARC reports show you who's sending emails from your domain, helping you identify unauthorized senders and authentication issues.
DMARC requires SPF and DKIM to be configured first. These authenticate your legitimate email sources.
Learn about SPF and DKIM →Generate a DMARC record with your preferred policy. Start with p=none to monitor without blocking.
v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com
Add the DMARC record to your DNS as a TXT record at _dmarc.yourdomain.com
This usually takes 24-48 hours to propagate
Review aggregate reports (rua) to understand your email traffic and identify authentication issues.
Once confident, change policy from 'none' to 'quarantine' or 'reject' to actively protect your domain.
No action taken on failed emails. Use this to collect data and identify legitimate sources before enforcing.
Perfect when first implementing DMARC
Failed emails are sent to spam/junk folder. Provides protection while reducing risk of false positives.
Good middle-ground for most domains
Failed emails are completely rejected and not delivered. Strongest security but requires confidence in your setup.
Best for domains with mature email authentication
This section is ready for your content. You can customize it to match your needs.
Highlight your main benefits and what makes you special.
Showcase additional value you provide to customers.
This section is ready for your content. You can customize it to match your needs.
Highlight your main benefits and what makes you special.
Showcase additional value you provide to customers.
This section is ready for your content. You can customize it to match your needs.
Highlight your main benefits and what makes you special.
Showcase additional value you provide to customers.