Domain-based Message Authentication, Reporting, and Conformance (DMARC) is a validation system for email that is used to detect and prevent email spoofing.
What Is DMARC?
DMARC ensures that legitimate email is properly authenticated with previously established DKIM and SPF standards. By doing this it will block fraudulent activity appearing to come from domains under the organization’s control, whether they are active sending domains or not.
How To Set DMARC?
To set a DMARC record you’ll need to add a TXT record to your DNS zone. Depending on the setup of your server, how you do this can vary. If you’re using a control panel, such as cPanel, you can create/edit DNS records by using the Advanced Zone Editor in cPanel. Alternatively, you can add DNS records through WHM by using the Edit DNS Zone interface. The following example will illustrate how a DMARC record can look, and the different fields that are available.
DMARC Example
v=DMARC1; p=reject; rua=mailto:mailauth-reports@exampledomain.com
Change the “mailto:” address to the email address that reports should be sent to.
| Field | Setting |
| Name | _dmarc |
| TTL | 14400 |
| Type | TXT |
| TXT Data | This field will determine how remote servers will process any of your domain’s emails that don’t pass SPF/DKIM validation. The following options are available: None: “v=DMARC1; p=none; sp=none; rf=afrf; pct=100; ri=86400” Reject: “v=DMARC1; p=reject; sp=none; rf=afrf; pct=100; ri=86400” Quarantine: “v=DMARC1; p=quarantine; sp=none; rf=afrf; pct=100; ri=86400”By adding an email address, you can get email reports when DMARC validations fail:None: “v=DMARC1; p=none; sp=none; ruf=mailto:mailauth-reports@exampledomain.com; rf=afrf; pct=100; ri=86400″ Reject: “v=DMARC1; p=reject; sp=none; rf=afrf; pct=100; ruf=mailto:mailauth-reports@exampledomain.com; ri=86400″ Quarantine: “v=DMARC1; p=quarantine; sp=none; ruf=mailto:mailauth-reports@exampledomain.com; rf=afrf; pct=100; ri=86400″ |
