Free Tool

DMARC Record Generator

Create a DMARC record to protect your domain from email spoofing. Configure policy, reporting, and alignment in one place.

Policy configuration

Aggregate reporting (rua)

Gradual rollout support

DMARC policy

None (monitor only)

Collect reports but take no action. Start here.

Quarantine

Send failing emails to spam. Intermediate step.

Reject

Block failing emails entirely. Maximum protection.

Subdomain policy (optional)

Aggregate report email (rua)

Receives daily XML reports

Forensic report email (ruf) (optional)

Individual failure reports (not all ISPs send these)

DKIM alignment

SPF alignment

Apply to percentage of emails: 100%

1%Gradual rollout, start low when moving from none to quarantine/reject100%

Add a reporting email (rua) to receive DMARC reports. Without it, you won't know if emails are failing authentication.

v=DMARC1; p=none

Type

TXT

Host

_dmarc

Value

v=DMARC1; p=none

What is DMARC?

DMARC tells receiving servers what to do when emails fail SPF or DKIM authentication: monitor, quarantine, or reject them.

DMARC aggregate reports (rua) show you who is sending email using your domain, including unauthorized senders trying to spoof you.

Begin with p=none to collect reports without affecting delivery. Once you confirm all legitimate senders pass, move to quarantine then reject.

Google and Yahoo require DMARC for bulk senders. Set up SPF, DKIM, and DMARC to meet their requirements.