Free Tool · DMARC
DMARC Inspector
Look up a domain's DMARC record, see exactly what each tag does, and find out whether you're actually protected from spoofing.
Free · no signup · checks public DNS only ·
What the DMARC Inspector checks
DMARC (Domain-based Message Authentication, Reporting & Conformance) is a DNS TXT record at _dmarc.yourdomain.com that tells receivers what to do with mail that fails SPF and DKIM — and where to send reports.
The most important tag is the policy, p=. p=none only monitors (spoofers are not blocked); p=quarantine sends failures to spam; p=reject blocks them outright. Only quarantine and reject actually stop spoofing. The rua= tag enables the aggregate reports you need to reach enforcement safely.
This inspector fetches your record, explains every tag, and grades how protected you really are.
Frequently asked questions
What does p=none mean?+
Monitoring only. DMARC reports are generated, but messages that fail authentication are still delivered — spoofers are not blocked. It is a starting point, not protection.
Should I use quarantine or reject?+
Reject is the strongest (spoofed mail is blocked). Quarantine (spam folder) is a safe intermediate step. Move from none → quarantine → reject as your reports confirm legitimate senders pass.
Why do I need a rua address?+
rua is where aggregate DMARC reports are sent. Without it you are flying blind and cannot safely tighten your policy.
Is this tool free?+
Yes — it only reads public DNS records and needs no signup.
More free tools