DMARC Record Builder and Inspector
Create and inspect DMARC records locally with policy and reporting guidance.
Build a DMARC TXT value for _dmarc or inspect an existing value before a DNS change. The tool runs locally in your browser and does not query DNS, send email, upload report addresses, or contact any reporting service.
Publish at _dmarc.example.com.
Use one mailto: destination per line or comma. Confirm external reporting addresses with your reporting provider before publishing.
Failure reports may include message samples. Many receivers do not send them, and privacy review is recommended before enabling ruf.
How it works
Domain-based Message Authentication, Reporting, and Conformance tells receivers how to handle mail that fails alignment checks and where to send aggregate feedback. A DMARC TXT record normally lives at _dmarc.example.com and starts with v=DMARC1 followed by policy and reporting tags.
Most domains start with p=none to collect aggregate reports, then move to quarantine or reject after SPF and DKIM alignment are healthy. Strict alignment can be useful for tightly controlled mail streams, but it may break legitimate subdomain or third-party sender patterns if enabled too early.
This is a local syntax and planning aid. It cannot prove your DNS has propagated, verify live mail alignment, validate third-party report authorization, or guarantee that every receiver will send reports. Review new policies with your mail provider and roll out enforcement gradually.
Related tools
Use the SPF Record Builder and Inspector and DKIM Record Builder and Inspector to prepare aligned authentication records, the DNS Zone File Validator to review zone snippets, and the Email Header Parser to inspect authentication results from received messages.