Free Tool

Free DMARC Record Checker

Parse a DMARC record tag-by-tag, flag misconfigurations (missing policy, missing reporting, low pct), and tell you what each tag actually does.

How it works

Enter a domain

We query the _dmarc subdomain for TXT records — that's where DMARC lives by spec.

Parse each tag

p, sp, pct, rua, ruf, adkim, aspf, fo, ri — annotated so you remember what each does.

Catch the gotchas

Missing 'p=', stuck at 'p=none', no rua, mixed sp/p — all surfaced.

Frequently asked questions

Where should I start with DMARC?+

Publish p=none with a rua= report mailbox, monitor for a few weeks, then move to p=quarantine and finally p=reject. Skipping p=none risks breaking legitimate mail flows you didn't know about.

Why is pct=100 the right default?+

pct controls how much of failing mail the policy applies to. Lower values are useful during rollout to limit impact. Once you trust the data, pct=100 is correct.

Does DMARC require SPF and DKIM?+

DMARC needs at least one to pass — and the passing record must align with the From: domain. Most real deployments use both for redundancy.

What does 'alignment' mean?+

Alignment is whether the domain that authenticated (via SPF or DKIM) matches the From: header domain. Strict means exact match, relaxed allows subdomains. Most senders use relaxed.

Building a SaaS that needs custom domains?

Domainee is the API for adding customer custom domains to your product. One CNAME, automatic TLS, no DevOps to staff.

Start for free Read the docs

50 custom domains and 100 GB bandwidth free, forever.

More free tools

SSL

Free DMARC Record Checker

How it works

Enter a domain

Parse each tag

Catch the gotchas

Frequently asked questions

Building a SaaS that needs custom domains?

More free tools

Free SSL Certificate Checker

Free DNS Record Lookup

Free WHOIS Lookup

Free CNAME Lookup & Generator

Free HTTP Header Checker

Free DNS Propagation Checker