Enter any domain to instantly check its DMARC policy, reporting configuration, and alignment mode.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol that builds on SPF and DKIM. It tells receiving mail servers what to do when an email fails authentication — reject it, quarantine it, or let it through.
A DMARC record is a TXT record published at _dmarc.yourdomain.com. It contains your policy (p=none|quarantine|reject), alignment settings, and optionally a reporting address to receive aggregate DMARC reports.
Without DMARC, anyone can send emails pretending to be from your domain. With a strong DMARC policy (p=reject), you tell the world to trash anything that fails authentication.
DMARC is the #1 reason forwarded emails land in spam. When you forward an email, SPF breaks (because the forwarding server isn't in the original sender's SPF record). Without ARC sealing, the destination server sees a DMARC failure and quarantines or rejects the message.
ARC-Relay solves this by adding cryptographic ARC (Authenticated Received Chain) seals so Gmail, Outlook, ProtonMail, and Yahoo trust the forwarded email and honor the original DMARC pass.