DMARC Checker: Check Your DMARC Record in Seconds
A DMARC checker tells you whether your domain has a DMARC record and whether that record actually protects you from email spoofing. Enter your domain above and this DMARC check reads your live DNS, finds your _dmarc record, and reports its policy in plain English.
DMARC is the record that tells Gmail, Outlook, and other providers what to do with email that fails authentication. Without it, anyone can send email that appears to come from your domain, and you have no visibility into it. This check shows you exactly where your domain stands.
What this DMARC checker looks for
When you run the check, it queries the TXT record at _dmarc.yourdomain.com and reads every part of it.
- Whether a DMARC record exists at all, since many domains have none
- Your policy (p=) — none, quarantine, or reject — which decides what happens to spoofed mail
- Reporting addresses (rua), where aggregate reports are sent so you can see who is sending as you
- Common mistakes, such as a missing policy, a record published at the wrong name, or syntax providers ignore
How to read your DMARC check results
The result centres on your policy. p=none means you are only monitoring, so spoofed email is still delivered. p=quarantine sends failing mail to spam. p=reject blocks it outright, which is full protection.
A record at p=none gives a false sense of security: it exists, but it stops nothing. Enforcement, meaning quarantine or reject, is what actually prevents impersonation.
If the checker reports no record, your domain has no DMARC protection and no reporting, so impersonation can happen without your knowledge. Our guide to DMARC explains each part in detail.
What to do if your DMARC record is missing or weak
Fixing DMARC follows an order. SPF and DKIM have to be in place first, because DMARC relies on them. Then you publish a DMARC record at p=none to collect reports, confirm your real senders pass, and move to quarantine and then reject.
Moving straight to reject without checking reports can block your own legitimate email, so the staged rollout matters.
If you would rather not manage the rollout yourself, readyDMARC configures DMARC and monitors it for you.
Frequently Asked Questions
How do I check my DMARC record?
Enter your domain in the checker above. It reads the TXT record at _dmarc.yourdomain.com from live DNS and reports whether a record exists, what policy it sets, and where reports are sent. You can also look it up manually with a DNS query for that hostname.
What does a good DMARC record look like?
A protective record uses an enforcement policy, p=quarantine or p=reject, and includes a rua address so you receive aggregate reports. A record at p=none only monitors and does not stop spoofing, so it is a starting point rather than a finished setup.
Why does my DMARC checker say no record found?
It means no DMARC record is published at _dmarc for your domain, so providers have no instructions for email that fails authentication. Your domain can be impersonated without any report reaching you. Publishing a record is the fix.
Is checking DMARC enough to be protected?
Checking is the first step. Protection comes from a record set to quarantine or reject, backed by correct SPF and DKIM, with reports monitored over time. The checker shows you the gap; closing it is the work.
A DMARC checker shows whether your domain is protected from email spoofing or open to it. Run the check above to see your record, policy, and SPF and DKIM status.
If the result shows a missing record or a policy stuck at none, readyDMARC sets up DMARC properly and monitors it so impersonation is actually blocked.
More free tools
SPF Checker
Free SPF checker. Check your domain's SPF record, see which servers can send your email, and find errors like too many lookups or an unsafe +all.
Run the check→DKIM Checker
Free DKIM checker. Check your domain's DKIM record across common provider selectors and confirm your emails carry a valid DKIM signature, plus SPF and DMARC.
Run the check→MX Lookup
Free MX lookup. Find your domain's mail servers, identify your email provider, and check your MX records along with SPF, DKIM, and DMARC.
Run the lookup→A checker shows the gap. Fixing it safely is the hard part.
Email authentication is fiddly and easy to break. One wrong record can let spoofers through or stop your real email arriving. Our specialists configure SPF, DKIM, and DMARC and roll it out safely, so it's set up correctly from the start.