Configure DMARC

Foreword

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a method to prevent the misuse of sender addresses and to control the handling of unauthenticated emails. DMARC builds on the existing authentication methods SPF and DKIM and enables domain owners to define how receiving mail servers should handle emails that do not pass these checks.

DMARC also allows you to receive reports on emails sent on behalf of your own domain.


Requirements

  • Access to the DNS zone of the domain
  • Existing and correctly configured SPF and/or DKIM records


Set DMARC entry


General information on setting DNS records can be found in the article DNS records.


The DMARC record defines the policy according to which receiving mail servers should handle emails that do not pass the SPF and/or DKIM check. In addition, report addresses can be defined for aggregated and forensic reports.


A simple DMARC standard record with a quarantine policy could look like this:

Host

_dmarc.example.com

RR type

TXT

value

v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com;


This entry instructs receiving mail servers to quarantine (e.g. mark as spam) emails that fail authentication checks and sends aggregated reports to the specified email address.

Similar articles
On this page
Emergency?
In urgent cases, our emergency hotline is available around the clock at +49 2507 900 80 - 34.