DMARC record explained
A practical breakdown of a DMARC record, including what each tag means and how to interpret the policy.
What a DMARC record is
A DMARC record is a DNS TXT record that tells receiving mail servers how to handle messages that fail authentication checks.
It works alongside SPF and DKIM to enforce policy and provide reporting.
Check a DMARC record using DNS Pro: https://app.dnspro.co.uk/dmarc-lookup
Example DMARC record
_dmarc.example.com. 3600 IN TXT "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"Tag breakdown
- v=DMARC1 → version identifier
- p=reject → policy for failed messages
- rua → aggregate report destination
- ruf → forensic report destination
- aspf → SPF alignment mode
- adkim → DKIM alignment mode
How to interpret a DMARC record
Focus on the policy (p), reporting (rua), and alignment settings when reviewing a DMARC record.