DMARC Record
DMARC (Domain-based Message Authentication, Reporting and Conformance) is a mechanism that allows to the e-mail senders and receivers to determine or not a given message is legitimately from the sender, and what to do if it isn’t. The DMARC record allows easier to identify spam and/or phishing messages, received in the Customers's mailbox, and to keep them out of there.
Example of DMARC record:
| Host | Type | Points to: | TTL |
| _dmarc.yourdomain.com | TXT | v=DMARC1;p=reject;pct=100;rua=mailto:mailmaster@postmaster.com | 3600 |
In the example shown above, the sender requests that the receiver outright reject all non-aligned messages and send a report, in a specified aggregate format, about the rejections to a specified address. If the sender was testing its configuration, it could replace “reject” with “quarantine” which would tell the receiver they shouldn’t necessarily reject the message, but consider quarantining it.
DMARC records follow the extensible “tag-value” syntax for DNS-based key records defined in DKIM.
You can see the available tags here:
| Tag name | Purpose | Sample |
| v | Protocol version | v=DMARC1 |
| pct | Percentage of messages subjected to filtering | pct=20 |
| ruf | Reporting URI for forensic reports | ruf=mailto:authfail@example.com |
| rua | Reporting URI of aggregate reports | rua=mailto:aggrep@example.com |
| p | Policy for organizational domain | p=quarantine |
| sp | Policy for subdomains of the OD | sp=reject |
| adkim | Alignment mode for DKIM | adkim=s |
| aspf | Alignment mode for SPF | aspf=r |
To add DMARC, you need to create a TXT record in your DNS Zone. You can see the example below:
Why do you need a DMARC record?
DMARC is the latest trend of the email authentication technics. It verifies that the sender's email messages are protected by both SPF and DKIM records. In conclusion, the DMARC authentication is always a good idea.
How to create a DNS DMARC record?
To add DMARC, go to your DNS zone management page and click on “Add new record”. For "Type" choose "TXT" and type as follows:
- Type: TXT
- TTL: 1 Hour
- Host: _dmarc*
- Points to: dmarc tags and values.
*This hostname is used as an example.
How to add a DMARC Record - Step by Step video:
How to start managing DMARC records for your domain name?
- Open free account from here - free forever
- Verify your e-mail address
- Log into your control panel
- Create a new Master DNS from the [add new] button - read more here
- Add the DMARC records you need as it is described in this article
Support of DMARC records
ClouDNS provides full support for DMARC records for all our DNS services, including the listed below. Just write to our technical support, if you need any assistance with your DMARC records configuration. Our Technical Support team is online for you 24/7 via live chat and tickets.
FAQ
Question: Where is the option for adding a DMARC record? I cannot see it.
Answer: DMARC can be implemented by adding a TXT record as described in this article.
Question: How can I generate the values for my DMARC record?
Answer: There are plenty of DMARC generators and DMARC wizards on the Internet. You can use any of them.