Free DMARC Checker

Check DMARC Records for Errors Fast. Enter any valid domain in the field below.

Why use email authenticationⓘ with DMARC?

DMARC records are an essential tool for monitoring emails sent from your domain. It's essential to prevent spoofing and ransomware attacks carried out using your company name.

What is DMARC?

Domain-Based Messaging, Authentication and Conformance (DMARC) is an email authenticationⓘ and security protocol that aids in stopping spoofing, spam, and malicious attacks using your company's email domain.

DMARC records aren't helpful by themselves. They're meant to be used in conjunction with additional email authenticationⓘ protocols, such as SPF and DKIM.

Sender Policy Framework (SPF) - SPF records contain a list of domains that may send emails using your company's domain name.
DomainKeys Identified Mail (DKIM) - DKIM encrypts your emails with a digital signature. Your domain has a public key (listed in your DNS records), and the email service provider (ESP) has a private key (added to each new email). These two keys must align.

DMARC's role is to instruct ESPs on what to do if an email they receive fails either the SPF or DKIM check. You can control what happens to these emails by indicating one of the available policy types in your DMARC record.

A woman in a pink blouse holds a tablet next to a graph titled 'DMARC Compliance' which sits at 79%.

What are the DMARC policies I can use?

When configuring your DMARC record, you establish one of three primary policy types.

Note - Casing matters when adding your policy to your DMARC record.

none — Do nothing if an email is sent from an unknown sender.
quarantine — Direct emails from unknown senders to the spam folder and may also flag them as untrustworthy or risky.
reject — Block all emails sent by unknown senders.

If you're new to DMARC, it's recommended that you use' none' so that you can observe where emails are sent throughout your company.

As you familiarize yourself with your company's sending habits, you can safely update your record to quarantine or reject suspicious and untrustworthy emails to stop potential spoofing and ransomware attacks.

A man in a blue shirt works at his desk with one hand on his Mac keyboard and another on his laptop as he uses the DMARC checker to review compliance for a three domains.

Need to create a DMARC record fast?

Try the free generator

Why should I use a free DMARC checker online?

While DMARC authentication is critical for email security, misconfiguring your record can cause email deliverabilityⓘ problems.

The free DMARC record checker provides all you need for error assessment:

DMARC record verification
DMARC syntax check
DMARC external validation
DMARC policy checker - none, quarantine, reject
If the policy is enabled
Check if multiple DMARC records are present

Instead of trial and error, use the DMARC checker to rapidly pinpoint DMARC errors and correct them before they cause your emails to go undelivered.

A man in blue and a woman in a green blouse look intently at a tablet.

Interpreting your DMARC checker results

For each DMARC checker field, there is a list of possible values that you may use. If the field doesn't contain one of those values (or contains no value), it will indicate that it's not a valid choice.

For syntax errors, the DMARC checker will list the discovered errors separated by a semicolon.

Here are the possible results and what they mean for you:

Record Found — Possible values (true, false): This indicates whether or not a DMARC record is present in the provided domain's DNS records.

Syntax Errors — This field lists all discovered syntax errors within the found DMARC record (i.e., report format, policy type, adkim, etc.)

Multiple Records Found - If there is more than one DMARC record, the value will be 'true.' If not,' it will show as 'false.'

Policy Not Enabled - In addition to selecting a policy type (none, quarantine, reject), the policy must be enabled. The result will be 'true' or 'false' accordingly.

Example DMARC checker results which show information on the DMARC record's field and values, such as 'record found,' 'syntax errors,' 'subdomain policy type,' and 'record format.'

Common issues detected by DMARC policy checkers

Anytime you generate and add a DMARC record to your email domain, it's highly recommended to use a DMARC checker.

Here are some of the most common DMARC issues that DMARC policy checkers detect (so that you can avoid them!)

Syntax errors - Syntax errors are some of the most common errors when creating any type of record. Anything outside of what's allowed is considered a syntax error. As such, it's unrealistic to list all of the possible errors.
Using a free DMARC generator can minimize the chance of syntax errors. You can input your chosen values, and the generator will output the entire record using the proper format.
Invalid policy tags - There are only three DMARC policy types you can select (and they must be lowercase): none, quarantine, and reject. Misspelling these or mistakenly using a nonexistent tag like 'block' or 'accept' will result in an error.
Using the incorrect alignment - One of the most common problems we've seen senders experience when using DMARC is jumping to a strict policy like 'reject' immediately. As a result, they often end up blocking emails from employees and teams within the company.

It's recommended that you set your initial DMARC policy to 'none' and observe the activity. Once you gain a better understanding of who's sending emails (support, sales, etc.), you may adjust. You'll also have the data you need to make necessary updates to your SPF and DKIM email authenticationⓘ protocols.

Important note - Many perceived DMARC errors relate to your DKIM and SPF records. If your DMARC checker results indicate no errors, be sure to investigate your DNS records for other possible issues.

A businesswoman wearing a white top and beige blazer smiles slightly while holding and typing on a tablet.

Advanced DMARC checker analysis

Implementing a DMARC record and using the DMARC checker is essential but only the first step to stronger email security.

To maximize DMARC's benefits, it's strongly recommended that you use a DMARC Monitorⓘ. It's highly effective at detecting and preventing sophisticated email threats and automatically generates reports on every email sent using the described email domain.

Here's how it works:

1. Enter the domain you want to keep an eye on with the DMARC Monitorⓘ.

The 'Add Domain' pop-up screen for ZeroBounce's DMARC Monitor.

2. Use the easy-to-follow three-prompt tool to create a DMARC record.

Your policy will default to the recommended 'none' for essential monitoring. However, you can access the advanced settings to customize your DMARC record at any time.

ZeroBounce's DMARC Monitor 'Set up DMARC' screen, which lets you select type, hostname, and value.

3. Just hit 'Verify DMARC Record'!

Once ZeroBounce verifies your DMARC record, the DMARC Monitorⓘ will begin to populate with stats daily, including:

Total emails sent/reported
Emails monitored, quarantined, or rejected (as per your policy)
Your total DMARC complianceⓘ success rate

Plus, the DMARC Monitorⓘ contains a host of valuable data such as:

SPF and DKIM record confirmation
DKIM and SPF alignment rate
A list of source IPs and the number of emails sent
Geolocation data
Alerts with details on any suspicious email activity

The ZeroBounce DMARC Monitor dashboard graph shows 55,985 emails reported and 99.8% DMARC compliance. Below it is a map showing 'Request by country.'

Email authenticationⓘ with DMARC simplified

Detect and prevent email threats and attacks with 24/7 DMARC monitoring.

Get started with DMARC Monitoring today using the email deliverabilityⓘ toolkit (best value)

View our plans

What is DMARC?

Domain-Based Messaging, Authentication and Conformance (DMARC) is an and security protocol that aids in stopping spoofing, spam, and malicious attacks using your company's email domain.

DMARC records aren't helpful by themselves. They're meant to be used in conjunction with additional protocols, such as SPF and DKIM.

Sender Policy Framework (SPF) - SPF records contain a list of domains that may send emails using your company's domain name.

DomainKeys Identified Mail (DKIM) - DKIM encrypts your emails with a digital signature. Your domain has a public key (listed in your DNS records), and the email service provider (ESP) has a private key (added to each new email). These two keys must align.

Why should I use a free DMARC checker online?

While DMARC authentication is critical for email security, misconfiguring your record can cause problems.

The free DMARC record checker provides all you need for error assessment:

DMARC record verification

DMARC syntax check

DMARC external validation

DMARC policy checker - none, quarantine, reject

If the policy is enabled

Check if multiple DMARC records are present

Instead of trial and error, use the DMARC checker to rapidly pinpoint DMARC errors and correct them before they cause your emails to go undelivered.

Advanced DMARC checker analysis

Implementing a DMARC record and using the DMARC checker is essential but only the first step to stronger email security.

To maximize DMARC's benefits, it's strongly recommended that you use a . It's highly effective at detecting and preventing sophisticated email threats and automatically generates reports on every email sent using the described email domain.

Here's how it works:

Frequently asked questions

A DMARC checker is a free tool that looks up a DMARC record on the provided domain. If one is found, it will check the necessary values for errors, including:

Free DMARC Checker

Why use email authenticationⓘ with DMARC?