Your school or multi-academy trust relied on the free NCSC Mail Check service to watch your email domains. With it retired on 31 March 2026, you need an alternative that a small team without dedicated IT can actually run.
When the NCSC retired Mail Check on 31 March 2026, it pointed organisations of all sizes — not just large ones — to the wider market, and its email-security guidance collection stayed live as the reference for what to do instead. That guidance still walks you through the same journey Mail Check supported: publish DMARC at p=none, read your aggregate reports, fix each legitimate sender, and step the policy up. For a school the practical gap isn't the policy — it's having something read the reports for you in plain language, which is exactly the part Mail Check automated and now doesn't. Source: NCSC — Email security and anti-spoofing collection · verified 2026-07-17
rua= reporting address to the new tool.No. The NCSC retired the Mail Check tool on 31 March 2026, but its email-security and anti-spoofing guidance stayed live and still recommends publishing DMARC and monitoring your reports — it simply expects you to use an open-source or commercial tool to do it now.
No. DMARC reporting is controlled by the rua= tag in a single DNS TXT record. Moving from Mail Check to another tool is a one-line change to that record — your DNS stays where it is, with no delegation.
No. Your DMARC policy lives in your own DNS record, not inside Mail Check. Retiring the tool or changing your reporting address doesn't touch the policy you already reached.