Skip to content
Pricing RU Sign In
RU

How to Configure DMARC Record

By · Updated
TL;DR:

To set up DMARC: (1) ensure SPF and DKIM already work; (2) add TXT record _dmarc.example.com with value v=DMARC1; p=none; rua=mailto:reports@example.com; (3) after 2-4 weeks of monitoring switch to p=quarantine, then p=reject.

Try it now — free →

Step-by-step guide

  1. Check SPF and DKIM. DMARC works on top of SPF+DKIM. Without them DMARC is meaningless. Check via: /en/email-check.
  2. Create _dmarc TXT record. In DNS management add: _dmarc.example.com. TXT "v=DMARC1; p=none; rua=mailto:dmarc@example.com"
  3. Start with p=none. Report-only — nothing blocked. Collect data for 2-4 weeks via rua.
  4. Switch to quarantine. When you see all legitimate mail passing SPF+DKIM: p=quarantine — suspicious messages go to spam.
  5. Finally — reject. After 4+ weeks of quarantine without issues: p=reject — DMARC-failing mail is dropped by recipient servers.

Open tool →

Related guides

SPF + DKIM + DMARCFull email protection triad check
Antispam StatusBlacklist check
MX ConfigurationCorrect mail server configuration
Email ScoreEmail deliverability score

Why teams trust us

MX
MX record check
SMTP
SMTP verification
SPF
SPF + DKIM + DMARC
Free
no signup

How it works

1

Enter email address

2

Check MX + SMTP

3

Get validity verdict

Why check email settings?

Proper SPF, DKIM, and DMARC configuration directly impacts email deliverability. Without these records, your emails land in spam or are rejected before delivery.

SPF Check

SPF record correctness: syntax, allowed server list, fail mechanism.

DKIM Analysis

Presence and validity of DKIM signature for the specified selector.

DMARC Policy

DMARC record parsing: policy, rua/ruf reports, SPF and DKIM alignment.

Email Score

Numerical delivery readiness score with improvement recommendations.

Who uses this

Email marketers

mailing list verification

Developers

registration validation

Sales

CRM contact check

Sysadmins

mail delivery troubleshooting

Common Mistakes

Missing SPF recordWithout SPF, emails from your domain are treated as potential spoofing.
SPF with ?all instead of -all?all means "neutral" — that's not protection. Use -all.
DMARC without policyp=none only collects reports. Move to p=quarantine or p=reject.
Not reading DMARC reportsDMARC generates reports on all emails. Analyze them to find unauthorized sending.

Best Practices

Deploy SPF → DKIM → DMARC sequentiallySPF first, then DKIM, then DMARC. Each step must work before moving to the next.
Start DMARC with p=noneCollect reports for 2–4 weeks, ensure all legitimate mail passes, then tighten policy.
Add rua report addressrua=mailto:dmarc@yourdomain.com — receive weekly aggregate reports.
Check after changing providerWhen changing hosting or ESP, always update SPF and DKIM keys.

Get more with a free account

Email check history and API keys for service integration.

Sign up free

Related tools

DNS LookupWHOISSSL CheckSecurity Check

Learn more

How-to

Glossary

Research

Frequently Asked Questions

Signup required?

No for quick check. For continuous monitoring — free account.

Start monitoring for free

Sign up and get access to API, monitoring and notifications

Create Account API Documentation