deemarc.
DE Get in touch
deemarc.
Deutsch Get in touch

DMARC test

Check any domain
in seconds.

Enter a domain — we read its DMARC record from public DNS and tell you instantly whether email authentication is set up cleanly. No sign-up, no tracking, runs entirely in your browser.

DNS query goes directly to Cloudflare. We don't see the lookup.

What is DMARC?

Protection in
one DNS entry.

DMARC is a TXT record in your domain's DNS that tells receiving servers: "Here's how to handle mail in this domain's name."

A typical record looks like: v=DMARC1; p=reject; rua=mailto:dmarc@example.ch

Receivers like Google, Microsoft and Yahoo check every inbound mail against this record and send you daily aggregated reports. Without a record your domain is freely spoofable — anyone can write in your name. With a record and an active policy, spoofers are blocked.

How to read the result

Five
verdicts.

PASS Clean setup: p=reject with active rua reporting.
WARN Setup in transition (p=quarantine, or p=none with rua=).
FAIL Weak or missing protection — the domain is spoofable.
INFO Subdomain inherits from parent — usually OK.
ERROR DNS lookup failed — please try again.

Common questions

What we
get asked.

Does my domain pass through Solvia servers during the test?
No. The DNS query goes straight from your browser to Cloudflare (DoH). Solvia never sees the domain you test.
What exactly is checked?
We fetch the TXT record at _dmarc.<your-domain> and verify it's a valid DMARC1 record. We look at policy (p=), reporting (rua=) and subdomain inheritance (sp=).
What's the difference between p=none, p=quarantine and p=reject?
p=none is observe — reports flow, spoofs are still delivered. p=quarantine sends spoofs to spam. p=reject bounces them before delivery. Best practice: escalate in this order, don't skip steps.
My result is PASS — am I done?
PASS means: the setup is technically clean. That's half the win. The other half is ongoing report analysis — recognising sending sources, spotting anomalies, fine-tuning the policy. That's exactly what Deemarc is for.
My result is FAIL — how fast can we fix?
A first observational DMARC record can be in place within 15 minutes. The clean escalation to p=reject takes 30–60 days of reporting. We can walk you through it.

Test shows problems?
We help.

30 minutes screenshare, then a concrete rollout plan. Send us the domain — we do the rest.

Get in touch