Frequently asked questions
What is a DMARC record?
DMARC (Domain-based Message Authentication, Reporting and Conformance) is a DNS TXT record that tells receiving mail servers what to do when SPF or DKIM checks fail. It builds on SPF and DKIM to give domain owners control over how unauthenticated email is handled — whether to monitor it, send it to spam, or reject it outright.
What do the DMARC policies mean?
none — Monitor only. Failing emails are still delivered normally. Use this when first setting up DMARC. quarantine — Failing emails are sent to the spam folder. A good intermediate step. reject — Failing emails are blocked entirely. The strongest protection against spoofing.
What are DMARC aggregate reports (rua)?
Aggregate reports are XML summaries sent by receiving mail servers to the address specified in rua=. They show which IPs are sending email as your domain, whether messages pass or fail SPF/DKIM, and how the DMARC policy was applied. These reports help you understand your email ecosystem before enforcing stricter policies.
What is DMARC alignment?
Alignment checks whether the domain in the From header matches the domains used in SPF and DKIM checks. Relaxed alignment (default) allows subdomains to match — e.g., mail.example.com passes for example.com. Strict alignment requires an exact domain match.
How should I roll out DMARC?
Start with p=none and add a rua= address to receive reports. Monitor for a few weeks to identify all legitimate senders. Then move to p=quarantine with pct=10 and gradually increase the percentage. Once confident, set p=reject at pct=100 for full protection.
More free tools
Email Domain Health Checker
Check your domain's MX, SPF, DKIM, and DMARC records instantly. Get a visual report card with an overall grade.
Check your domain →SPF Record Checker
Analyze your SPF record in detail — mechanisms, DNS lookup count, and security assessment.
Check SPF →DKIM Record Checker
Look up your DKIM records by selector. Analyze key type, key strength, and detect your email provider.
Check DKIM →Need help managing customer emails?
SupportBee turns your inbox into a shared, organized help desk. Try it free for 14 days.
Start Free TrialNo credit card required