Winner Medal PCMag's Editor's Choice 3 Years in a Row

See what others are searching for!

Domain Name Real-Time Searches

What is DMARC Analyzer?

This DMARC Analyzer tool will show you the current DMARC record of the domain name entered above.

What is the DMARC Record?

DMARC stands for Domain-based Message Authentication, Reporting & Conformance. It is a TXT record in DNS. DMARC record uses SPF (Sender policy framework) and DKIM (DomainKeys identified mail) to verify whether an email is forged or not. You need to add a DMARC record to your domain to control what to do if an email fails to authenticate. (failed to authenticate means an incoming server can not verify the sender of an email).

Example of DMARC Record :

This is an example of a DMARC record. You need to enter this as a TXT record with your domain's DNS manager.

v=DMARC1; pct=50; p=quarantine;sp=reject;rua=mailto:postmaster@example.com;ruf=mailto:postmaster@example.com; rf=afrf;

Structure of DMARC Record :

DMARC Tags Descriptions
(v) - Version It represents the protocol version.
Example: v=DMARC1
(p) - policy P tag refers to the policy for the domain. It instructs the receiver to report quarantine or reject emails that fail in authentication checks.
Policy options are:
1) None -- It means there is no instruction for the email recipient to take any action with the emails that fail to authenticate.
2) Quarantine -- Instructs recipient email server to quarantine unqualified emails (fails in DMARC authentication) that further move to the junk folder.
3) Reject -- Instruct the recipient email server to reject the unqualified. emails (fails in DMARC authentication)
(pct) - percentage PCT or percentage of email messages subjected to filtering with DMARC policy specification.
Example : v=DMARC1; p=quarantine; pct=50; -- 50% emails that fail with DMARC will be quarantine
This tag (rua) reports the aggregated data to the mentioned email address with high-level information of DMARC failures report. However, it does not contain the granular details of each incident. Example: rua=mailto:postmaster@example.com
(ruf) - Reporting Email Address This tag guides the recipient mail server to send forensic reports of DMARC failures to the mentioned email address. These reports include individual failure details.
Example: ruf=mailto:postmaster@example.com
~(fo) - Failure Reporting Options It is an optional tag and determines what type of report you want to receive to the reporting email address.
Example :
fo=0: It is a default value. Generate DMARC failure report if the SPF and DKIM (authentication mechanisms) fail to align pass result.
fo=1: Generate a DMARC failure report if SPF or DKIM (authentication mechanism) gives other than an aligned pass result.
fo=d: Generate a DKIM failure report if the email failed to pass DKIM.
fo=s: Generate an SPF failure report if the email failed to pass SPF.
(aspf) - ASPF Tag aspf tag represents the alignment mode for SPF. It is an optional tag. (r) for relaxed mode and (s) for strict mode.
Example:
aspf=r --relaxed mode. Emails FROM domain and the Header From domain must match or a parent/child match (i.e. example.com and subdomain.example.com). Other than that, the email will fail.
aspf=s -- strict mode. EmailsMail FROM domain and the Header From domain must match. Other than that, the email will fail.
DMARC Analyzer - Google Docs It is similar to aspf and an optional tag. adkim tag represents the DKIM alignment. (r) for relaxed mode and (s) for strict mode. If we omitted this tag, the default value would be set to relaxed mode.
Example:
adkim=r -- relaxed mode. DKIM domain and the Header From domain must match or a parent/child match (i.e. example.com and subdomain.example.com). Other than that, the email will fail.
adkim=s -- strict mode. DKIM domain and the Header From domain must match. (i.e. example.com and subdomain.example.com). Other than that, the email will fail.
(rf) - Report Format rf tag declares how to formate the forensic report of DMARC failure. It is an optional tag.
Example:
rf=afrf -- It is a default and only supported value. The full form of afrf is authentication Failure Reporting Format. Other than afrf in DMARC record, will be disregarded.
(ri)- Report Interval ri tag determines the report interval time. How often you want to receive aggregated reports of DMARC failures. You can mention the time in seconds. It defines the interval between two reports send. The default value is 86400 seconds equals 24 hours. We can also set it to (72 or 96 hours).
Example :
ri=86400; -- send reports at the interval of 86400 seconds.
(sp) - Subdomain Policy sp tag uses to apply the DMARC policy to subdomains. If we use it in DMARC, the recipient email server will apply the same DMARC policy to subdomains.
Example:
sp=reject; -- Reject emails from all the subdomains of example.com

Benefits of DMARC Record

It will prevent any unauthorized use of your mail domain. DMARC will protect your domain against spam and fraud activities. Also, secure your email program more consistent and trustworthy.

Using DMARC reports, you can know who is sending email from your domain. It increases visibility for your email program.

DMARC records protect the use of your email domain from being spam, and eventually, it improves the domain's reputation.

DMARC allows domain owners to receive reports for their emails. Reports include,

  1. Unauthenticated emails.
  2. What percent of emails are correctly authenticated.
  3. From where the emails are coming.

How does DMARC Record work?

DMARC Record works along with the SPF and DKIM records. All three records work to gather to authenticate your emails and decide what you need to do with them. DMARC record of senders email domain will guide the recipient email server for the actions (e.g., None, Quarantine, or Reject it) if any suspicious emails are trying to come from the specific sender's email.

  • The domain owner will enter the DMARC Record in the DNS zone of the same domain.
  • Once an email is sent from the sender; the recipient email server will verify if it has the DMARC record added.
  • It will then check the SPF, DKIM authentication, and the alignment test to verify the email sender is from the actual domain mentioned in its header value.
  • Verifies if IP address from where email is received that authorized in SPF?
  • Verifies the email for the proper DKIM signature
  • Domain alignment test for the message headers.
  • With the DKIM & SPF results, the mail server applies the DMARC policy to quarantine, reject or do nothing with the email if the email failed to pass SPF and DKIM.
  • Finally, the recipient email server will send a report of the outcome (DMARC Report) to the email address mentioned in the DMARC Record.

Frequently Asked Questions

Check out various FAQs on our Network Speed Test Tools.