Free Tool - No Signup Required
DMARC Record Generator
Create a DMARC policy to protect your domain from email spoofing. Configure reporting, enforcement level, and alignment.
Policy
Reporting
Daily aggregate reports showing email authentication results. Separate multiple emails with commas.
Per-message failure reports. Not all providers send these.
Your DMARC Record
Add a reporting email (rua) to receive DMARC reports. Without it, you won't know if legitimate emails are failing.
v=DMARC1; p=none
How to add this record:
- Log in to your DNS provider
- Add a new TXT record with host:
_dmarc - Paste the DMARC record above as the value
- Save and wait for DNS propagation
Frequently Asked Questions
What is DMARC?
DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol that builds on SPF and DKIM. It tells receiving mail servers what to do when an email fails authentication checks, and provides reporting so you can monitor your domain's email security.
What is the recommended DMARC rollout path?
Start with p=none to collect reports without affecting mail delivery. Analyze the reports to identify all legitimate sending sources. Then move to p=quarantine to send suspicious emails to spam. Finally, move to p=reject for full protection. This gradual approach avoids accidentally blocking legitimate email.
What are DMARC aggregate reports (rua)?
Aggregate reports are XML files sent daily by mail receivers. They show which IPs are sending email using your domain, whether those emails pass or fail SPF/DKIM/DMARC, and how many messages were processed. Use a free DMARC report analyzer to make sense of the raw XML data.
What is DMARC alignment?
Alignment means the domain in the "From" header matches the domain that passed SPF or DKIM. "Relaxed" alignment allows subdomains (mail.example.com aligns with example.com). "Strict" alignment requires an exact domain match. Relaxed is recommended for most setups.
What does the percentage (pct) tag do?
The pct tag specifies what percentage of failing messages the policy applies to. For example, pct=25 means only 25% of failing emails get quarantined or rejected. This allows gradual rollout. Start at 25%, monitor reports, then increase to 50%, 75%, and finally 100%.