Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
dmarcheck is a DNS email security analyzer provided by dmarc.mx. It is designed to check email security records for any domain, including DMARC, SPF, DKIM, BIMI, MTA-STS, and more, and then assign an overall security posture score from F to A+. It also checks MX, security.txt, TLS-RPT, DNSSEC, and DANE/TLSA, though these are presented more as contextual information and do not affect the main score.
Its protection model is more accurately described as “configuration auditing and continuous monitoring,” rather than an email gateway or anti-phishing blocking product. The free version can be used directly via the Web UI and also provides a JSON API. DKIM checks support 38 common selectors and allow users to enter custom selectors. For deployment, it is available both as a hosted service and as open-source software under the MIT License. The documentation explicitly states that users can clone it and configure D1, WorkOS, Stripe, and other components to run it themselves, making it suitable for technical teams that want control over deployment.
Pricing is very clear: Free costs $0, and the public scanner requires no account. It supports unlimited on-demand web scans, while the anonymous API is limited to 10 requests per IP per minute. Pro costs $19/month and includes a watchlist of up to 25 domains, nightly rescans every 24 hours, historical trends, email alerts for score drops or protocol regressions, bulk scanning for up to 100 domains, and 60 API Key requests per hour. Payments and cancellations are handled through the Stripe Customer Portal, and refunds can be requested within 30 days.
Its main strengths are that the free version is not heavily restricted and the full core analyzer is open to all users. Protocol coverage is comprehensive, while the API and self-hosting option improve integration flexibility and transparency. The limitations are also clear: Pro currently does not support DMARC aggregate RUA report ingestion, team seats, SSO, white labeling, or custom domains. The 25-domain limit and 60 API Key calls per hour make it better suited to lightweight monitoring rather than large-scale enterprise asset governance.
The main documentation does not provide information on network accessibility from mainland China, RMB payments, or local compliance. The only payment method seen is Stripe, so users in China should verify card and network availability themselves. If an organization requires local data residency, team permissions, SSO, or DMARC report analysis, it may need to evaluate local email security platforms, DNS security management platforms, or alternatives with DMARC report ingestion capabilities.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on dmarc.mx official site.
dmarc.mx is an Unknown Security provider. TG4G tracks its product information, an overall rating of 8.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach dmarc.mx directly.