What Is a DMARC Record?
A DMARC record is a TXT record in your DNS settings that tells email servers how to handle emails that fail authentication. With DMARC, you can specify whether to reject, quarantine, or take no action on suspicious emails. This helps distinguish legitimate emails from fake ones, reducing threats like phishing, spoofing, and CEO fraud.
Email providers like Google and Yahoo check for DMARC records to prevent spam. Without a DMARC record, your emails might get blocked by providers like Gmail.
DMARC Record Example
A typical DMARC record includes three key components (or tag-value pairs):
v=DMARC1; p=reject; rua=mailto:dmarc@yourdomain.com
- v: Version of DMARC (e.g., DMARC1)
- p: Policy for handling failed emails (e.g., reject)
- rua: Email address for receiving DMARC reports (e.g., dmarc@yourdomain.com)
DMARC Policies
- None: No action on failed emails; reports sent to specified email.
- Quarantine: Failed emails go to the recipient’s junk folder.
- Reject: Failed emails are completely blocked.
Setting Up a DMARC Record
Here's a simple guide to set up a DMARC record with a basic security level:
Sign in to Your DNS Provider Account
Navigate to DNS Management
Create a New TXT Record
- Type: TXT
- Name/Host/Alias: _dmarc
- Time to Live (TTL): 3600 (or default)
- Value:
v=DMARC1; p=none; fo=1; rua=user@domain.com
(replaceuser@domain.comwith your email)
Save the Changes
Congratulations. Your DMARC record is now set up!