What is DMARC?

Domain-based Message Authentication Reporting and Conformance (DMARC) is method to help authenticate emails you send from your domain names. When added to your domain a DMARC policy tells a receiving mail server how to act after receiving an email from an email address using your domain after it’s checked the SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) records.

DMARC records help reduce the chance of your domain being subjected to email spoofing, where a someone impersonates email you send by changing the from address to make it appear as if you sent an email.

A DMARC policy decides whether an email which is using a ‘from’ address with your domain in it and and has failed a SPF or DKIM check will be accepted, quarantined as spam or rejected.

What is an example DMARC record

Name: _dmarc.example.com

Type: TXT

Value: v=DMARC1;p=quarantine;rua=mailto:postmaster@example.com

In the above example, p=quarantine means email which fails a SPF and DKIM check will be quarantined as spam. The rua=mailto:postmaster@example.com means DMARC reports will be sent to the postmaster@example.com email address.

The most basic DMARC record is:

v=DMARC1; p=none

The above DMARC record will ensure you pass any DMARC checks but the ‘none’ policy means no action will be taken.

Steps to add a DMARC record

  1. Log in to Ecenica Dashboard.
  2. Go to My Domains.
  3. Click a domain you wish to manage.
  4. From the menu, click DNS.
  5. Enter the _dmarc for the name.
  6. Select TXT from the Type drop-down list.
  7. Optionally, enter a TTL (Time To Live). The default minimum TTL for Ecenica DNS is 1h (3600 seconds)
  8. Enter a value, for example, v=DMARC1;p=quarantine;rua=mailto:postmaster@example.com
  9. Click Add.