Free DMARC Checker
Check DMARC Records for Errors Fast. Enter any valid domain in the field below.
Why use email authentication with DMARC?
DMARC records are an essential tool for monitoring emails sent from your domain. It’s essential to prevent spoofing and ransomware attacks carried out using your company name.
What is DMARC?
Domain-Based Messaging, Authentication and Conformance (DMARC) is an email authentication and security protocol that aids in stopping spoofing, spam, and malicious attacks using your company’s email domain.
DMARC records aren’t helpful by themselves. They’re meant to be used in conjunction with additional email authentication protocols, such as SPF and DKIM.
- Sender Policy Framework (SPF) - SPF records contain a list of domains that may send emails using your company’s domain name.
- DomainKeys Identified Mail (DKIM) - DKIM encrypts your emails with a digital signature. Your domain has a public key (listed in your DNS records), and the email service provider (ESP) has a private key (added to each new email). These two keys must align.
DMARC’s role is to instruct ESPs on what to do if an email they receive fails either the SPF or DKIM check. You can control what happens to these emails by indicating one of the available policy types in your DMARC record.
What are the DMARC policies I can use?
When configuring your DMARC record, you establish one of three primary policy types.
Note - Casing matters when adding your policy to your DMARC record.
- none — Do nothing if an email is sent from an unknown sender.
- quarantine — Direct emails from unknown senders to the spam folder and may also flag them as untrustworthy or risky.
- reject — Block all emails sent by unknown senders.
If you’re new to DMARC, it's recommended that you use' none' so that you can observe where emails are sent throughout your company.
As you familiarize yourself with your company’s sending habits, you can safely update your record to quarantine or reject suspicious and untrustworthy emails to stop potential spoofing and ransomware attacks.
Need to create a DMARC record fast?
Why should I use a free DMARC checker online?
While DMARC authentication is critical for email security, misconfiguring your record can cause email deliverability problems.
The free DMARC record checker provides all you need for error assessment:
- DMARC record verification
- DMARC syntax check
- DMARC external validation
- DMARC policy checker - none, quarantine, reject
- If the policy is enabled
- Check if multiple DMARC records are present
Instead of trial and error, use the DMARC checker to rapidly pinpoint DMARC errors and correct them before they cause your emails to go undelivered.
Interpreting your DMARC checker results
For each DMARC checker field, there is a list of possible values that you may use. If the field doesn’t contain one of those values (or contains no value), it will indicate that it’s not a valid choice.
For syntax errors, the DMARC checker will list the discovered errors separated by a semicolon.
Here are the possible results and what they mean for you:
Record Found — Possible values (true, false): This indicates whether or not a DMARC record is present in the provided domain’s DNS records.
Syntax Errors — This field lists all discovered syntax errors within the found DMARC record (i.e., report format, policy type, adkim, etc.)
Multiple Records Found - If there is more than one DMARC record, the value will be ‘true.’ If not,’ it will show as ‘false.’
Policy Not Enabled - In addition to selecting a policy type (none, quarantine, reject), the policy must be enabled. The result will be ‘true’ or ‘false’ accordingly.
Common issues detected by DMARC policy checkers
Anytime you generate and add a DMARC record to your email domain, it’s highly recommended to use a DMARC checker.
Here are some of the most common DMARC issues that DMARC policy checkers detect (so that you can avoid them!)
Syntax errors - Syntax errors are some of the most common errors when creating any type of record. Anything outside of what’s allowed is considered a syntax error. As such, it’s unrealistic to list all of the possible errors.
Using a free DMARC generator can minimize the chance of syntax errors. You can input your chosen values, and the generator will output the entire record using the proper format.
- Invalid policy tags - There are only three DMARC policy types you can select (and they must be lowercase): none, quarantine, and reject. Misspelling these or mistakenly using a nonexistent tag like ‘block’ or ‘accept’ will result in an error.
- Using the incorrect alignment - One of the most common problems we’ve seen senders experience when using DMARC is jumping to a strict policy like ‘reject’ immediately. As a result, they often end up blocking emails from employees and teams within the company.
It’s recommended that you set your initial DMARC policy to ‘none’ and observe the activity. Once you gain a better understanding of who’s sending emails (support, sales, etc.), you may adjust. You’ll also have the data you need to make necessary updates to your SPF and DKIM email authentication protocols.
Important note - Many perceived DMARC errors relate to your DKIM and SPF records. If your DMARC checker results indicate no errors, be sure to investigate your DNS records for other possible issues.
Advanced DMARC checker analysis
Implementing a DMARC record and using the DMARC checker is essential but only the first step to stronger email security.
To maximize DMARC’s benefits, it’s strongly recommended that you use a DMARC Monitor. It’s highly effective at detecting and preventing sophisticated email threats and automatically generates reports on every email sent using the described email domain.
Here’s how it works:
1. Enter the domain you want to keep an eye on with the DMARC Monitor.
2. Use the easy-to-follow three-prompt tool to create a DMARC record.
Your policy will default to the recommended ‘none’ for essential monitoring. However, you can access the advanced settings to customize your DMARC record at any time.
3. Just hit ‘Verify DMARC Record’!
Once ZeroBounce verifies your DMARC record, the DMARC Monitor will begin to populate with stats daily, including:
- Total emails sent/reported
- Emails monitored, quarantined, or rejected (as per your policy)
- Your total DMARC compliance success rate
Plus, the DMARC Monitor contains a host of valuable data such as:
- SPF and DKIM record confirmation
- DKIM and SPF alignment rate
- A list of source IPs and the number of emails sent
- Geolocation data
- Alerts with details on any suspicious email activity
Email authentication with DMARC simplified
Detect and prevent email threats and attacks with 24/7 DMARC monitoring.
Get started with DMARC Monitoring today using the email deliverability toolkit (best value)
BEST VALUE
Starter
Package includes
50 Inbox placement tests
50 Email server tests
10 Blacklist monitors
1000 Email Finder searches
2 DMARC monitor domains
Frequently asked questions
A DMARC checker is a free tool that looks up a DMARC record on the provided domain. If one is found, it will check the necessary values for errors, including
- If a DMARC record is found
- Syntax errors
- DMARC policy type
- DMARC policy enabled
- Report Format
- If multiple DMARC records are present
Yes. You can visit the DMARC validation tool at any time to check DMARC records for any domain.
The DMARC record checker looks for syntax errors as well as disallowed values for the required fields. It will show the found (or missing) value identified in the record so that you can quickly locate errors and update them accordingly.
It’s recommended that you check DMARC records whenever you create a new one before adding it to your DNS. Additionally, if you’re experiencing email deliverability issues, you should use a DMARC checker along with an SPF and DKIM checker to diagnose any potential misconfiguration with your email authentication.
The free DMARC checker only looks at the DMARC record that’s found. If you want to monitor SPF, DKIM, and DMARC simultaneously, it’s recommended to use a DMARC Monitor.
DMARC enhances your email security by providing email service providers with clear instructions on how to treat suspicious or untrustworthy emails using your domain. Using DMARC will help prevent sophisticated email attacks and spoofing. Not only will this protect your employees and customers, but it will protect your email sender reputation by eliminating opportunities for spammers and other threats to misuse your company’s email domain.