DMARC Record Generator | Create Your Custom DMARC Policy

Your Primary Domain *

Policy (p) *

Action for mail servers if a message fails DMARC. Start with 'None'.

Aggregate Report Email(s) (rua)

Receive daily DMARC summary reports. Comma-separate multiple addresses.

Forensic Reports (ruf)

Enable Forensic Reports (optional)

Apply Explicit Policy to Subdomains? (sp)

Set specific subdomain policy

Percentage of Mail to Filter (pct)

Apply policy to this percentage of failing emails (0-100).

DKIM Alignment (adkim)

'Relaxed' is common.

SPF Alignment (aspf)

'Relaxed' is common.

Failure Reporting Options (fo)

Specifies how forensic reports are generated if RUF is enabled.

Your Generated DMARC Record

Publish this TXT record in your DNS for the hostname:
_dmarc.yourdomain.com

Important Next Steps:

Start with p=none to monitor reports before enforcing quarantine or reject.
Regularly check your RUA reports to understand your email streams and identify legitimate senders.
Gradually increase the pct tag (e.g., 10% → 50% → 100%) when moving to stricter policies.
Incrementally update policy strictness (none → quarantine → reject) only once confident.

Learn More About DMARC

Demystifying DMARC

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol designed to protect your domain from unauthorized use, like spoofing and phishing.

Key DMARC Tags

v=DMARC1: Version. Mandatory.
p=policy: Policy (none, quarantine, reject). Mandatory.
rua=mailto:address: URIs for aggregate reports. Recommended.

Why Use Our Generator?

Our DMARC Record Generator simplifies creating complex DMARC records, reducing errors and saving time.

Ease of Use
Error Reduction
Comprehensive Coverage

Publishing Guide

A quick guide to publishing your DMARC record in your DNS settings.

Generate your record using this tool.
Access your domain's DNS settings.
Create a new TXT record with hostname _dmarc.
Paste the generated record as the value.

FAQs

Start with p=none (monitoring mode) to analyze reports without impacting email delivery. Gradually move to stricter policies like p=quarantine or p=reject after careful analysis.

Regularly, especially initially. Daily or weekly checks are common during the setup phase to identify all legitimate sending sources and fix authentication issues.

Yes, if misconfigured or if a strict policy (quarantine/reject) is set before all legitimate sending sources are properly authenticated (SPF/DKIM aligned). Always start with p=none.

RUA (Aggregate): XML reports providing an overview of email traffic, authentication results, and IP sources. Essential for monitoring.

RUF (Forensic): Redacted copies of individual emails that failed DMARC. Can be high volume and contain sensitive data; use judiciously.

Your Generated DMARC Record

Important Next Steps:

Learn More About DMARC

Demystifying DMARC

Key DMARC Tags

Why Use Our Generator?

Publishing Guide

FAQs

What's the best DMARC policy to start with?

How often should I check DMARC reports?

Can DMARC impact email delivery?

What are RUA and RUF reports?