Wiki

DMARC Record

DMARC (Domain-based Message Authentication, Reporting and Conformance) is a mechanism that allows to the e-mail senders and receivers to determine or not a given message is legitimately from the sender, and what to do if it isn’t. The DMARC record allows easier to identify spam and/or phishing messages, received in the Customers's mailbox, and to keep them out of there. 

Example of DMARC record:

Host Type Points to: TTL
_dmarc.yourdomain.com TXT v=DMARC1;p=reject;pct=100;rua=mailto:mailmaster@postmaster.com 3600

In the example shown above, the sender requests that the receiver outright reject all non-aligned messages and send a report, in a specified aggregate format, about the rejections to a specified address. If the sender was testing its configuration, it could replace “reject” with “quarantine” which would tell the receiver they shouldn’t necessarily reject the message, but consider quarantining it.
DMARC records follow the extensible “tag-value” syntax for DNS-based key records defined in DKIM.

You can see the available tags here:

Tag name Purpose Sample
v Protocol version v=DMARC1
pct Percentage of messages subjected to filtering pct=20
ruf Reporting URI for forensic reports ruf=mailto:authfail@example.com
rua Reporting URI of aggregate reports rua=mailto:aggrep@example.com
p Policy for organizational domain p=quarantine
sp Policy for subdomains of the OD sp=reject
adkim Alignment mode for DKIM adkim=s
aspf Alignment mode for SPF aspf=r

 To add DMARC, you need to create a TXT record in your DNS Zone. You can see the example below:

 

Cookies help us deliver our services. By using our services, you agree to our use of cookies. Learn more