Use the DMARC record checker tool to validate
your DMARC records
In order to implement DMARC you need a valid DMARC record. At Mimecast we provide a free and easy to use DMARC Record Checker to display your DMARC record, test it and verify that it is valid. To perform a DMARC record check you will only need to provide your domain name. The DMARC Record Check will then parse your DMARC record and display the DMARC record along with additional information.
Use the DMARC Record Checker to test and lookup your DMARC record. The DMARC Record Checker will also verify and test if you are using external domains.
Using the DMARC record checker
When a domain is submitted, the DMARC record checker will lookup the DMARC record from the DNS. The DMARC record checker gives an error message if no record is available or if it’s not valid. If a record is found, the DMARC record checker will display the DMARC policy (monitor, quarantine or reject). Read more about the DMARC Policies. Please check the tags that are used within the table below . After performing a DMARC Record check, any problems will be displayed in the result. Use the DMARC Record Checker to test and lookup your DMARC record. The DMARC Record Checker will also verify and test if you are using external domains.
Full DMARC record
|v||DMARC protocol version.|
|p||Apply this policy to email that fails the DMARC check. This policy be set to 'none', 'quarantine', or 'reject'. 'none' is used to collect the DMARC report and gain insight into the current emailflows and their status.|
|rua||A list of URIs for ISPs to send XML feedback to. NOTE: this is not a list of email addresses. DMARC requires a list of URIs of the form 'mailto:email@example.com'.|
|ruf||A list of URIs for ISPs to send forensic reports to. NOTE: this is not a list of email addresses. DMARC requires a list of URIs of the form 'mailto:firstname.lastname@example.org'.|
|pct||The percentage tag instructs ISPs to only apply the DMARC policy to a percentage of failing email's. 'pct = 50' will tell receivers to only apply the 'p = ' policy 50% of the time against email's that fail the DMARC check. NOTE: this will not work for the 'none' policy, but only for 'quarantine' or 'reject' policies.|
|fo||0||Forensic options. Allowed values: '0' to generate reports if both DKIM and SPF fail, '1' to generate reports if either DKIM or SPF fails to produce a DMARC pass result, 'd' to generate report if DKIM has failed or 's' if SPF failed.|
|rf||afrf||The reporting format for forensic reports. This can be either 'afrf' or 'iodef'.|
|adkim||r||Specifies the 'Alignment Mode' for DKIM signatures, this can be either 'r' (Relaxed) or 's' (Strict). In Relaxed mode also authenticated DKIM signing domains (d=) that share a Organizational Domain with an emails From domain will pass the DMARC check. In Strict mode an exact match is required.|
|aspf||r||Specifies the 'Alignment Mode' for SPF, this can be either 'r' (Relaxed) or 's' (Strict). In Relaxed mode also authenticated SPF domains that share a Organizational Domain with an emails From domain will pass the DMARC check. In Strict mode an exact match is required.|
|sp||p=value||This policy should be applied to email from a sub-domain of this domain that fail the DMARC check. Using this tag domain owners can publish a 'wildcard' policy for all subdomains.|
|ri||86400||The reporting interval for how often you'd like to receive aggregate XML reports. This is a preference and ISPs could (and most likely will) send the report on different intervals (normally this will be daily).|
Would you like your results emailed to you?
Your form has been submitted.