FMCodes • All-in-one Webmasters community
Would you like to react to this message? Create an account in a few clicks or log in to continue.

You are not connected. Please login or register

FMCodes • All-in-one Webmasters community  » Webmasters Community » Web Hosting & Domains » How do I create a DMARC record?

How do I create a DMARC record?

How do I create a DMARC record? Empty
Niko
  • Forum Administrator

    Team contributor
    You have been part of the community team
    Community veteran
    You belong to this community since its ancient time
    Active Contributor
    The user has wrote more than 100 posts and comments
    Passioned user
    You have participated in 50+ different topics, a true fan!
    Post lover
    You have liked more than 50 posts!
    Beta Tester
    You have been part of the Beta-Testing team
    Forumotion expert
    This user is an expert with Forumotion free forum hosting
    10th Anniversary (Grand Re-open)
    Thanks for being part of our grand re-opening
    Merry Christmas 2022
    Thanks for having been with us during Christmas season!
    Forum Writer
    You have opened more than 20 topics on the forum
    The Life of the Party
    You have made more than 20 members in our community, wow!
    Members Guru
    You have received more than 50 likes on your posts. Our members really what you have to say!
      Posts : 3614
      Points : 129527
    How do I create a DMARC record?


    What is DMARC?

    DMARC is a validation system that - in combination with SPF and DKIM - helps to prevent email impersonation fraud, or spoofing. SPF and DKIM are methods to authenticate an email by checking how it was sent and by who. DMARC then determines what to do with an email that can't be authenticated.

    SPF verifies if an email was sent using approved servers.
    DKIM adds a digital signature to emails, allowing receiving mail servers to verify the email.
    DMARC sets a policy on what to do with emails that fail either SPF or DKIM checks.
    For DMARC to be useful, you need to have DKIM and SPF enabled for your domain. DKIM is enabled by default for emails using our servers, and you can check our guide on how to enable SPF.

    How does DMARC help?

    DMARC helps to protect your domain from being used to send phishing and spoofing emails, effectively blocking others from impersonating you, or your company.

    In combination with SPF and DKIM, DMARC also shows email providers that you are trustworthy and no scammer. This improves overall deliverability, which can be very useful when sending, for example, newsletters.

    Note: DMARC only has effect when sending email. It doesn't affect the spam emails you receive in your own inbox. However, if all email accounts implement these validation methods, in theory, spoofing would no longer be possible.

    DMARC policies

    When you create the DMARC record, you need to choose a policy to determine what happens with emails that fail the DMARC check:

    • none: is for monitoring and gathering results without taking action; emails are delivered as usual.
    • quarantine: messages that fail the DMARC check are moved to a spam folder, or something similar.
    • reject: email messages that fail the DMARC check are not delivered at all.


    The normal process when selecting policies is to start with "none", then "quarantine" and finally "reject". That way you can first monitor what emails are sent from your domain, then quarantine to test the effect, and finally reject all emails that can't be authenticated.

    If you want to follow this procedure, we strongly recommend using an external (paid) service to help you with analysing the reports, such as, Dmarcian, EasyDMARC, or DMARCLY.

    If you just want to enable DMARC, we recommend selecting "quarantine". This delivers unauthenticated emails in the spam folder or marks them as suspicious.

    DMARC email reports

    When you create a DMARC record you also need to enter an email address to receive reports. The reports contain an overview in XML of all email traffic from your domain and which mails fail the DMARC check.

    There are two types of reports:

    • RUA reports are sent daily and contain an overview of all emails sent from your domain, including IP addresses.
    • RUF reports are only sent if an email fails the DMARC check. They contain the original message and message header of the email that failed.


    We recommend that you create an email account on your domain and use this to receive reports. It's also recommended to get both the RUA and RUF reports.

    Note: Not all email providers adhere to DMARC policies, so it's possible that not all mails you sent are listed.

    Create a DMARC record on your domain

    Go to DNS records and create a record of type TXT, so Enter the following details:

    • Under hostname enter
      Code:
      _dmarc
    • Under Value enter the text below, while adding your own policy and email address:

      Code:
      v=DMARC1; p=policy name; rua=mailto:an-email-address ruf=mailto:an-email-address

    • Leave TTL empty to default to 3600 seconds.


    Wait a few minutes and check if your record is set up correctly with a DMARC record checker.

    This resource belong to this community unless differently stated.
    No reproduction possible without our agreement, in accordance with article L122-1 of the CPI.



    Topic Actions

    Sponsored




    FMCodes • All-in-one Webmasters community  » Webmasters Community » Web Hosting & Domains » How do I create a DMARC record?

    ©phpBB | Contact | Report an abuse | Cookies