NAME

dmarc_lookup - look up DMARC policy for a domain

SYNOPSIS

   dmarc_lookup example.com [ --verbose ]

DESCRIPTION

Query the DNS for a DMARC policy for a (sub)domain. Displays any found results as the DNS record as a perl object. In the simplest case, where the domain name in the email From header matches the Organizational Domain, this is roughly equivalent to the following commands:

    dig +short _dmarc.example.com TXT
    print $_->txtdata."\n"
      for Net::DNS::Resolver->new(dnsrch=>0)->send('_dmarc.example.com','TXT')->answer;

When the domain name in the email From header (header_from) is not an Organizational Domain (ex: www.example.com), an attempt is made to determine the O.D. using the Mozilla Public Suffix List. When the O.D. differs from the header_from, a second DNS query is sent to _dmarc.[O.D.].

EXAMPLES

A DMARC record in DNS format looks like this:

v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:dmarc@example.com; pct=100;

DMARC records are stored as TXT resource records in the DNS, at _dmarc.example.com.

Other ways to retrieve a DMARC record for a domain are:

SEE ALSO

Mail::DMARC::Policy

AUTHORS

• Matt Simerson <msimerson@cpan.org>
• Davide Migliavacca <shari@cpan.org>
• Marc Bradshaw <marc@marcbradshaw.net>