DMARC check

Fetch and validate a domain's DMARC policy at _dmarc.<domain> (RFC 7489). Surfaces the enforcement policy (none/quarantine/reject), reporting addresses, alignment modes, and common misconfigs (no rua, p=none stuck for months, percent <100). Pair with SPF and DKIM for full Feb-2024 sender-rule compliance.

Input

Field	Type	Description
domain *	string	Domain name (also accepts email/url/host)

Example output

{
  "domain": "google.com",
  "hasRecord": true,
  "raw": "v=DMARC1; p=reject; rua=mailto:mailauth-reports@google.com",
  "policy": "reject",
  "subdomainPolicy": "reject",
  "percent": 100,
  "alignment": {
    "spf": "r",
    "dkim": "r"
  },
  "reportingUris": {
    "aggregate": [
      "mailto:mailauth-reports@google.com"
    ],
    "failure": []
  },
  "valid": true,
  "warnings": []
}

Try it — see the 402 challenge (free)

curl -i -X POST https://agent402.tools/api/dmarc-check \
  -H "Content-Type: application/json" \
  -d '{"domain":"google.com"}'

The response is HTTP 402 Payment Required with exact payment requirements. Any x402 v2 client pays automatically and retries:

Paid call (JavaScript agent)

import { wrapFetchWithPayment } from "@x402/fetch";
import { x402Client } from "@x402/core/client";
import { registerExactEvmScheme } from "@x402/evm/exact/client";
import { privateKeyToAccount } from "viem/accounts";

const client = new x402Client();
registerExactEvmScheme(client, { signer: privateKeyToAccount(KEY) });
const payFetch = wrapFetchWithPayment(fetch, client);

const res = await payFetch("https://agent402.tools/api/dmarc-check", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
    "domain": "google.com"
  }),
});

Wallet-only. This tool reaches the network/browser/storage, so it is paid in USDC via x402 (no proof-of-work tier).

Related tools