DMARC FAQ

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a standard that prevents spammers from using your domain to send email without your permission — also known as spoofing. If you are new to email authentication, we recommend first reading about DKIM and SPF. In combination with SPF and DKIM, a DMARC policy in DNS allows you to set rules to reject or quarantine emails from sources you do not know or trust. As part of the DMARC spec, ISPs (Gmail, Yahoo, Microsoft and more) who implement DMARC will also generate reports on sending activity for your domain. For further reading, check out our guide on DMARC.

What do these tags mean on my DMARC DNS Record?

Tag Description Example
v Protocol version v=DMARC1
p Policy for organizational domain p=none
pct Percentage of messages subjected to filtering pct=100
rua Reporting URI of aggregate reports rua=mailto:name@domain.com
sp Policy for sub-domains of the organizational domain sp=none
aspf Alignment mode for SPF aspf=r

Can you help me generate a DMARC record?

Yep! Head over to https://dmarc.postmarkapp.com/ and enter in the domain you want to monitor and an email address to receive weekly DMARC reports at. We will then generate a valid DMARC record for you to add to your DNS. Once the DMARC record we create for you is in your DNS we will begin receiving DMARC data for your sending. The following week you can expect to receive your first DMARC Weekly Digest, which will include the aggregate DMARC data in a human readable format for you.

How do I add a DMARC record to my DNS?

Once you have your DMARC record generated, head over to your DNS provider and add it to your DNS as a TXT record. Use _dmarc for the host/name and your DMARC policy for the value.

Still need help? Contact Us Contact Us