DMARC Policy Simulator
Input a policy configuration and message scenario. See exactly what a receiving mail server would do, and why.
Result
At least one mechanism passed and aligned with the From: domain.
Disposition
none (message passes)Evaluation steps
- 01.Header-From domain: example.com
- 02.DKIM pass (d=example.com), relaxed: org "example.com" = "example.com" → aligned ✓
- 03.SPF pass (envelope-from mail.google.com), relaxed: org "google.com" ≠ "example.com" → not aligned
- 04.DMARC: PASS (via DKIM) → disposition: none
DMARC Policy
Message Scenario
See your real alignment rate across all senders.
Get started free →No credit card required. Free tier monitors 1 domain.
Runs in your browser, no account required. Track your real sending sources over time.
See plans →Why simulate before changing your policy
Moving from p=none to p=quarantine is the step most developers hesitate on. If a legitimate sender isn't covered by your SPF or DKIM setup, their mail goes to spam the moment you flip the policy. This simulator lets you preview exactly what a receiving mail server would do for any sender scenario given your current DMARC policy, DKIM alignment result, and SPF alignment result, before you commit to anything.
Key reasons to simulate first
- Find uncovered senders:see which sender scenarios would fail under a stricter policy before you enforce it
- Understand alignment logic:DMARC passes when either DKIM or SPF aligns; the simulator shows you which path each scenario takes
- Test subdomain policy:the
sp=tag controls subdomains separately; confirm your subdomain behavior before tightening - Validate your changes:after updating your DMARC record, confirm the new policy evaluates exactly as intended
Frequently asked questions
What is a DMARC simulator?
Why should I simulate before changing my DMARC policy?
p=quarantine means that sender's mail goes to spam. Simulating first lets you identify those gaps and fix them before the policy has any effect. See the p=reject vs p=quarantine guide for the full decision framework.What does DMARC quarantine do?
p=quarantine tells receiving servers to route mail that fails DMARC authentication to the spam or junk folder rather than the inbox. It's the middle ground between p=none (deliver everything, just report) and p=reject(bounce failing mail entirely). Most domains move to quarantine first to catch any legitimate senders that weren't covered before committing to full rejection.Want continuous monitoring instead of one-off checks?
DMARCdrift ingests your DMARC reports automatically, tracks alignment across every sender, and tells you when you're actually ready to move from p=none to enforcement, with no manual report parsing required.
Run policy simulations on real incoming reports. Start free.
See plans →