gs.dmarc API Reference

Currently only querying the DMARC receiver policy is supported.

Receiver Policy

A DMARC receiver policy is published in a DNS TXT record, in a domain that starts with _dmarc. It is possible to use the host program to look up a DMARC record.

$ host -t TXT descriptive text "v=DMARC1\; p=reject\; sp=none\; pct=100\;,\;"

The receiver_policy() function performs the DNS query, parses the results, and returns the policy for the host. The different policies are listed by the ReceiverPolicy enumeration.


Get the DMARC receiver policy for a host.

Parameters:host (str) – The host to lookup.
Returns:The DMARC reciever policy for the host.
Return type:A member of the gs.dmarc.ReceiverPolicy enumeration.

The receiver_policy() function looks up the DMARC reciever polciy for host. If the host does not have a pubished policy the organizational domain is determined. The DMARC policy for the organizational domain is queried, and the subdomain policy is reuturned (if specified) or the overall policy for the domain is returned. Internally the gs.dmarc.lookup.lookup_receiver_policy() is used to perform the query.

class gs.dmarc.ReceiverPolicy[source]

An enumeration of the different receiver policies in DMARC.

noDmarc = <ReceiverPolicy.noDmarc: 0>

No published DMARC receiver-policy could be found. Often interpreted the same way as gs.dmarc.ReceiverPolicy.none.

none = <ReceiverPolicy.none: 1>

The published policy is none. Recieving parties are supposed to skip the verification of the DMARC signature.

quarantine = <ReceiverPolicy.quarantine: 2>

Generally causes the message to be marked as spam if verification fails.

reject = <ReceiverPolicy.reject: 3>

Causes the system that is receiving the message to reject the message if the verification fails.


Get the host from an email address, and get the receiver policy.

addr = email.utils.parseaddr('')
host = addr[1].split('@')[1]
policy = receiver_policy(host)

if (policy in (ReceiverPolicy.quarintine, ReceiverPolicy.reject)):
    # Rewrite the From header

See also

The organizational domain is determined by the publicsuffixlist product.
The dnspython product is used to perform the DNS query.
The enum34 product is used to provide enumeration support in versions of Python prior to 3.4.


Internally the lookup.lookup_receiver_policy() function is used to make a DNS query, parse the arguments, and return a member from the ReceiverPolicy enumeration.

gs.dmarc.lookup.lookup_receiver_policy(host, policyTag=u'p')[source]

Lookup the reciever policy for a host. Returns a ReceiverPolicy.

  • host (str) – The host to query. The actual host that is queried has _dmarc. prepended to it.
  • policyTag (str) – The tag that holds the receiver policy. Must be p (the default) or sp (for the subdomain policy). See RFC 7489#section-6.3.

The DMARC receiver policy for the host. If there is no published policy then gs.dmarc.ReceiverPolicy.noDmarc is returned.

Return type:

A member of the gs.dmarc.ReceiverPolicy enumeration.