Questions about the DMARC Validator API

The things developers ask before wiring up the DMARC Validator API — what it returns, what it covers, and where the limits are. Straight answers, no fluff.

Everything you asked

Still stuck on something specific? The team answers real integration questions directly.

Contact support
What is DMARC?
DMARC is an email authentication protocol that builds on SPF and DKIM. It tells receivers what to do when authentication fails and where to send reports.
What do the policies mean?
"none" monitors without action. "quarantine" sends failures to spam. "reject" blocks failures entirely. Start with "none" and progress to "reject".
What are rua and ruf?
rua (aggregate reports) provides daily summaries of authentication results. ruf (forensic reports) sends details of individual failures.
Does DMARC require SPF and DKIM?
DMARC requires at least one of SPF or DKIM to pass with alignment. Having both provides better protection.
What is alignment?
Alignment means the domain in the From header matches the domain authenticated by SPF or DKIM. DMARC can require strict (exact) or relaxed (includes subdomains) alignment.
How long to reach p=reject?
Start with p=none to collect reports, analyze for issues, then progress through quarantine to reject. Typically 4-8 weeks with proper monitoring.

Answer the last question by building. Free tier, no card — run the DMARC Validator API in minutes.

Scaling up?

Volume pricing, custom SLAs, and dedicated support for high-traffic teams.

Contact sales