How long does DMARC setup take?

Creating your DMARC record takes about 5 minutes. After adding it to your DNS, allow 5-30 minutes for DNS propagation. You'll start receiving reports within 24-48 hours.

What happens if I make a mistake in my DMARC record?

Our generator validates your DMARC record in real-time to prevent syntax errors. If you need to make changes after deployment, simply update the TXT record in your DNS settings with a new record from our generator.

What's the difference between 'none', 'quarantine', and 'reject' policies?

Policy 'none' monitors email activity without blocking anything (recommended for beginners). Policy 'quarantine' sends suspicious emails to spam folders. Policy 'reject' blocks suspicious emails entirely. Start with 'none' and progress based on your reports.

Can I change my DMARC policy later?

Yes, you can update your DMARC policy anytime. Simply generate a new record with our tool and update the TXT record in your DNS settings. Changes take effect within 5-30 minutes.

Do I need DMARC if I use Gmail or Microsoft 365?

Yes. Even with trusted email providers, DMARC protects your domain from spoofing and phishing. Gmail and Microsoft 365 support DMARC and recommend its implementation for all domains.

10,000+ Free DMARC Checks Daily

Free DMARC Generator Secure Your Email in 5 Minutes

Stop spoofing and improve deliverability. Enter your domain below to create your custom DMARC record instantly.

No signup required. Real-time validation.

Policy Configuration

Policy (p) - Required

Start with "none" to gather data without risking email loss. Learn more

Subdomain Policy (sp) - Optional

Reporting (Where to send data)

Aggregate Report URIs (rua)

Receive daily summaries of who is sending email as you. Separate multiple emails with commas.

Forensic Report URIs (ruf) - Optional

Failure Options (fo) - Optional

0 - All checks fail (default) 1 - Any check fails

Advanced Alignment (Optional)

DKIM Alignment

SPF Alignment

Generated Record

_dmarc TXT

TXT Record: _dmarc.[domain]

v=DMARC1; p=none;

How to Deploy

1 Login to your DNS provider (GoDaddy, Cloudflare, Namecheap, etc).
2 Create a TXT record.
3 Host: _dmarc
4 Value: Paste the record above.

Verification

Test your configuration

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email security protocol that protects your domain from being used for phishing and email spoofing.

It builds upon two existing mechanisms, SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail). DMARC allows you to specify how email receivers should handle emails that fail authentication, and provides reporting capabilities so you can monitor who is sending email on your behalf.

Frequently Asked Questions

Will DMARC break my email delivery?

No, provided you start safely. We recommend starting with policy p=none. This "monitoring mode" ensures no legitimate email is blocked while you gather data. Once you are confident all your legitimate senders (like Mailchimp, Salesforce, Google Workspace) are authenticating correctly, you can move to p=quarantine or p=reject.

What is the difference between the policies?

None (p=none): Monitors traffic. No action taken against failing emails. Start here.

Quarantine (p=quarantine): Emails failing checks are sent to the recipient's spam folder.

Reject (p=reject): Emails failing checks are blocked completely. Maximum security.

Do I need DMARC for Gmail or Outlook?

Yes. While Google and Microsoft protect their infrastructure, they can't stop someone from spoofing your custom domain unless you publish a DMARC record. In fact, starting Feb 2024, Google and Yahoo require DMARC for bulk senders.