DMARC Generator

Generate and validate DMARC (Domain-based Message Authentication, Reporting & Conformance) records.

Domain Configuration

Configure your domain for DMARC policy

Domain Name

DMARC Policy

Define how receivers should handle emails that fail DMARC authentication

Domain PolicyNONE

Subdomain Policy (Optional)

Policy Percentage: 100%

1%100%

Percentage of emails to which the DMARC policy applies

Alignment Settings

Configure SPF and DKIM alignment requirements

SPF Alignment

DKIM Alignment

Reporting Configuration

Configure aggregate and forensic reporting

Aggregate Reports (RUA)

Daily aggregate reports of DMARC results

Forensic Reports (RUF)

Individual failure reports (may contain sensitive data)

Report Interval

Learn About DMARC

Understanding DMARC records and email authentication

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that builds upon SPF and DKIM to provide domain owners with the ability to protect their domain from unauthorized use.

DMARC Record Parameters

Policy (p=)

Specifies how to handle emails that fail DMARC authentication:

p=none - Monitor only, no action taken (recommended for initial deployment)
p=quarantine - Move suspicious emails to spam/junk folder
p=reject - Reject emails that fail authentication

Subdomain Policy (sp=)

Optional policy for subdomains, same values as main policy:

sp=none - Monitor subdomains
sp=quarantine - Quarantine subdomain emails
sp=reject - Reject subdomain emails

Percentage (pct=)

Percentage of emails to apply the policy to (1-100):

pct=25 - Apply policy to 25% of emails
pct=100 - Apply policy to all emails (default)

Alignment Modes

How strictly to check domain alignment:

aspf=r - Relaxed SPF alignment (default, allows subdomains)
aspf=s - Strict SPF alignment (exact domain match)
adkim=r - Relaxed DKIM alignment (default)
adkim=s - Strict DKIM alignment

Reporting URIs

Email addresses to receive DMARC reports:

rua=mailto:dmarc@example.com - Aggregate reports (daily summaries)
ruf=mailto:forensic@example.com - Forensic reports (individual failures)

Common DMARC Record Examples

Basic Monitoring Record:

v=DMARC1; p=none; rua=mailto:dmarc@example.com

Start with this to monitor without affecting email delivery

Gradual Enforcement Record:

v=DMARC1; p=quarantine; pct=25; rua=mailto:dmarc@example.com; ruf=mailto:forensic@example.com

Quarantine 25% of failing emails while monitoring

Strict Protection Record:

v=DMARC1; p=reject; sp=reject; aspf=s; adkim=s; rua=mailto:dmarc@example.com

Maximum protection with strict alignment for domain and subdomains

Key Benefits:

Prevents email spoofing and phishing attacks
Improves email deliverability for legitimate emails
Provides visibility into email authentication failures
Allows gradual policy enforcement
Protects brand reputation

DMARC requires both SPF and DKIM to be properly configured before implementation. Always start with p=none to monitor before enforcing policies.

Related Tools

Analyze DMARC policies

Header Analyzer

Analyze email headers

DKIM Checker

Verify DKIM signatures

WHOIS Lookup

Domain registration info

SMTP Test

Test SMTP connectivity

SSL Certificate

Check SSL certificates

DNS Propagation

Check DNS propagation

Ping Test

Test network connectivity

Check your IP address

Need Help?

Our tools are designed to be intuitive, but if you need assistance, we're here to help.

Contact Support

About Our Tools

Professional-grade email and DNS diagnostic tools trusted by IT professionals worldwide.

Free to UseNo RegistrationReal-time Results