DMARC Record Generator
Pick a DMARC policy and reporting addresses, then copy a ready-to-publish _dmarc TXT record for your domain.
Collect reports without affecting delivery. Use while you verify your legitimate sources.
Optional. Overrides the policy for subdomains. Leave as inherit to use the main policy.
Optional. Percentage of messages the policy applies to (1–100). Defaults to 100 if omitted.
Optional. mailto: address that receives aggregate DMARC reports.
Optional. mailto: address that receives forensic (failure) reports.
How strictly the DKIM domain must match. Relaxed is the default.
How strictly the SPF domain must match. Relaxed is the default.
Record
v=DMARC1; p=none
What is DMARC?
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that builds on SPF and DKIM. It tells receiving mail servers what to do when an email fails authentication — reject it, quarantine it, or let it through.
This generator builds a v=DMARC1 TXT record published at _dmarc.yourdomain.com. Start with p=none to monitor, add an rua= reporting address, then tighten to p=quarantine or p=reject once your SPF and DKIM are aligned. Already publishing one? Check it first to see what is live.
DMARC Policy Levels
p=none Monitoring only. No action taken on failing emails. Good for initial setup.
p=quarantine Failing emails are sent to spam/junk. Intermediate enforcement.
p=reject Failing emails are rejected entirely. Strongest protection against spoofing.