create dmarc record for domain

How to Create DMARC Record for your domain

DMARC(Domain-based Message Authentication, Reporting, and Conformance) record is a technical specification that enables email senders to tell receivers what they need to do if the emails sent to them doesn’t pass spam filters and other authentication tests. It is an important security tool that authenticates email senders and protects receivers from email spoofing. This ensures that only messages from proper sources are sent to receiver and others cannot spoof these emails. It allows organizations as well as individuals to quickly identify spam or phishing attacks, or other malicious emails and report them quickly. In this article, we will learn how to create DMARC record for your domain to protect the emails sent from it.


How to Create DMARC Record for your domain

DMARC record is a record website administrators need to add to their domain configuration. You need to log into your domain registrar’s website (GoDaddy, Namescheap, etc.) and add the following DMARC record as a TXT record type. Replace _dmarc.example.com with _dmarc.domain.com where domain.com is your website domain. Replace dmarc_report@example.com with the email ID of website administrator.

 _dmarc.example.com   TXT   "v=DMARC1; p=none; rua=mailto:dmarc_report@example.com; fo=1;"

Here is what the different terms in above record mean:

  1. _dmarc.example.com – Is the DNS record name, where example.com is your domain name.
  2. TXT – Is the DNS record type
  3. v=DMARC1 indicates that this is a DMARC record.
  4. p=none – specifies that no action to be taken if DMARC validation failed.
    • p=none: Monitor your email traffic. No further action taken.
    • p=quarantine: Sends unauthorized emails to spam folder.
    • p=reject: The final policy and the ultimate goal of implementing DMARC. This policy ensures that unauthorized email doesn’t get delivered at all.
  5. rua=mailto:dmarc_report@domain.com is an email address to send daily reports.
  6. fo=1, says that all failures should be reported.

DMARC record works by checking the domain mentioned in from address of an email with the domain of the email server that actually sent the email. If the domains do not match, then the email is not sent.

DMARC also has a mechanism to automatically notify the sender about email authentication failure so that senders can take action to fix the problem. It basically protects both email senders as well as receivers from email spoofing and other malicious email-based attacks.

Also read:

MySQL Query to Get Column Names
How to Find Min & Max Values of Column in Pandas
How to Redirect Stdout & Stderr to File in Python
How to Extract Numbers from String in Python
How to Concatenate List Items into String in Python

Leave a Reply

Your email address will not be published.