DMARC Guru
Create the perfect DMARC record for your domain.
Mandatory DMARC Options
Version (v): DMARC1
Policy (p):
No action, just send reports
Treat as suspicious (e.g., mark as spam)
Reject the email entirely
Optional DMARC Options
Verify your DMARC record
- Why would you need a DMARC record?
- Implementing a DMARC record is essential for securing your domain and protecting your organization and users from email-based threats. It helps ensure email authentication, prevents spoofing and phishing, improves email deliverability, provides visibility and reporting, protects your brand reputation, and allows for policy enforcement. By implementing a DMARC record, you can enhance your overall email security posture and build trust in your communications.
- How to setup DMARC?
-
You add a TXT DNS record to your domain, with the name
_dmarc
and the value which you copy from above. So for example if you copy the valuev=DMARC1; p=none;
you would add a TXT record with the:
name:_dmarc.yourdomain.com
and
value:v=DMARC1; p=none;
. - What is the best DMARC policy?
- Ideally a policy of
p=reject
is best, as this will inform receiving email providers to reject emails that fail authentication. This is important, to prevent your domain from being used as a spam source or impersonating other domains. So if you have a new, fresh, unused domain, start immediately withp=reject
. - Why is DMARC suddenly so "hot"?
- Google, Yahoo, and other major email providers have strongly endorsed DMARC. They have implemented policies that favor emails from domains with DMARC records, improving deliverability for compliant senders and enhancing security for their users. So if you rely on emails getting delivered, you should probably add a DMARC record to your domain.
- How to monitor my DMARC record?
- Setting up your DMARC record once is fun, but monitoring it is even more fun. You can use Mailhardener to validate your DMARC record and get reports. This will help pinpoint potential issues and delivery problems.