Validate and analyze the DMARC policy for any domain. Detect misconfigurations and policy strength.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication policy that builds on SPF and DKIM. It tells receiving mail servers what to do when an email fails SPF or DKIM checks: none (monitor only), quarantine (send to spam), or reject (block entirely).
DMARC also enables domain owners to receive reports about email sent on their behalf, helping identify legitimate and illegitimate senders and combat phishing and email spoofing attacks.
| Policy | Action | Security Level |
|---|---|---|
p=none | No action taken — monitoring only | Low |
p=quarantine | Move failing emails to spam/junk | Medium |
p=reject | Reject/block failing emails entirely | High ✓ |