How to Verify Your DMARC Record

DMARC Record Verification

Assuming you have already created your DMARC rule, added it to your DNS, and want to check your SPF configuration. The DMARC record is stored in DNS as TXT and you can manually check the DKIM record for a domain by using nslookup or dig as follows

1. In the terminal type

nslookup -type=txt _dmarc.yourDomain

or

dig txt _dmarc.yourDomain

Replace yourDomain with your domain name, for example, nslookup -type=txt _dmarc.example.com,

2. If a DMARC record exists, the result would contain your record starting with v=DMARC1,

3. If a DMARC record doesn’t exist or there is a problem retrieving the record for the domain there would be no v=DMARC1 property in the output.

To test your DMARC, you can also check if the DNS entry for your DMARC is correct by entering your domain into https://mxtoolbox.com/dmarc.aspx. If you set your DMARC entry correctly it will show you the results meaning your DMARC passed the test. The mxtoolbox should be enough to test your SPF but there other tools available online for this purpose. For example, another tool you can use to see a list of IPs you set as authorized in your SPF rule is http://tools.wordtothewise.com/dmarc.

Technical writer at Zextras, an open-source and technology enthusiast who creates instructional and technical articles about Zextras and Zimbra.

Post your comment