DMARC Generator

You'll see the generated DMARC record here once you enter a valid domain.

About this SPF Generator – Online & wizard-based tool

Generate a valid DMARC TXT record effortlesly. Enter your domain, click the Generate DMARC button, then fine-tune it with our DMARC wizard and your record updates live. This tool is online, no fast, and completely free.

How to use the DMARC generator

  1. Type a domain you want to create an DMARC record for.
  2. Click Generate DMARC. We generate DMARC TXT record.
  3. Adjust in the configuration by using the wizard below.
  4. Copy the DMARC record from the table or download complete DMARC setup instructions.
  5. Publish the record at your DNS host. We wrote down a provider-specific instructions for you – fing it in the downloaded file.
  6. Then, to verify the record use an DMARC checker.

DMARC tags explained

  • Policy (p) — Tells mail servers what to do to do when email fails DMARC:
    • none – monitor only,
    • quarantine – send to spam,
    • reject – block message.
  • Subdomain policy (sp) — Optional override for subdomains. If omitted, subdomains inherit p. Use when subdomains send mail and need different handling.
  • Alignment (adkim/aspf) — Controls how closely DKIM/SPF must match the visible From domain. Tip: start relaxed and move to strict once all senders are aligned.
    • r (relaxed) allows subdomains,
    • s (strict) requires an exact match.
  • Aggregate reports (rua) — Where daily XML summaries are sent about authentication results. These help you discover all sources sending on your behalf.
  • Forensic reports (ruf) — Where detailed samples of failing messages are sent. Many providers limit these, so enable only if you truly need them.
  • Failure reporting options (fo) — When to trigger failure details – you can select DKIM failure, SPF failure, none or both (which sends reports for any failure).
  • Percentage (pct) — The share of mail your policy applies to. Default is 100%, but you can start lower and increase over time.
  • Report interval (ri) — How often aggregate reports are requested, in seconds. The default is 86400 (about 1 day).

What is a DMARC record?

A DMARC record is a DNS TXT entry published at _dmarc.yourdomain.com that tells receiving mail servers how to handle messages that claim to be from your domain but fail SPF or DKIM alignment. It helps to block spoofing, reduce phishing, and give you reporting visibility.

How the process works

  1. A message arrives claiming to be from your domain.
  2. The receiver checks your DMARC policy in DNS.
  3. It evaluates SPF and DKIM for alignment with the visible “From” domain.
  4. Based on your policy, the receiver decides what to do and (optionally) sends you aggregate and failure reports.

FAQ

  • What is a DMARC record?
    A DMARC record is a DNS TXT entry at _dmarc.<yourdomain> that tells receivers how to handle mail that fails SPF/DKIM alignment and where to send reports.
  • Where do I publish the record?
    Create a TXT record at the host _dmarc.<yourdomain> and present the results in a clear table below.
  • What policy should I start with?
    Begin with p=none and rua enabled to monitor without affecting delivery. Move to p=quarantine, and then p=reject once legitimate sources are aligned.
  • Does DMARC replace SPF or DKIM?
    No. SPF and DKIM authenticate mail; DMARC sits on top to enforce policy and request reports.
  • Can I publish multiple DMARC records?
    No. Publish one DMARC TXT record at _dmarc.yourdomain.com. Combine all tags into a single string.
  • How long until changes take effect?
    DNS propagation typically takes a few minutes up to the TTL, sometimes longer (up to 24–48 hours).
  • How do I verify that DMARC is working?
    To verify the record use an DMARC checker.

👉 Need to deliver your emails?

Sidemail makes transactional and marketing emails simple—powerful email sending API, clean dashboard, and hands-on support whenever you need it. Create your account and start sending in under 30 minutes.

Get started now