Find DKIM and DMARC Records?

Solution 1:

To query the TXT record for DMARC, you can use:

dig TXT

To query for a particular record for DKIM, you would need to know the selector prefix. You would then query it as TXT (for example with a google one):

dig TXT

Solution 2:

For DKIM records, if you have received a DKIM-signed email from that domain, look at the DKIM-Signature header line(s).

From the spec:

All DKIM keys are stored in a subdomain named _domainkey. Given a DKIM-Signature field with a "d=" tag of and an "s=" tag of, the DNS query will be for

So in this example, you can then run:

dig TXT

Credit to andol, whose comment led me to this solution.

Solution 3:

You should use +short with dig to get the DMARC record only.

dig +short TXT

Solution 4:

Using Windows built-in tool nslookup

  1. Open Command Prompt (cmd.exe)
  2. Enter nslookup
  3. Enter set type=txt
  4. Enter, replace



Default Server:  localdns

> set type=txt


Non-authoritative answer: text =

    "v=DMARC1; p=none; rua=mailto:[email protected]"

You may use server (Google DNS) before lookup DMARC TXT record.