Domain-based Message Authentication, Reporting, and Conformance (DMARC)

DMARC is known to be as domain-based message authentication, reporting and conformance, which is the latest advancements in the email authentication.

The DMARC confirms that the genuine email is properly authenticated against already established SPF and DKM standards so that the emails coming from a fraud activity can be blocked.

Domain-based Message Authentication, Reporting, and Conformance (DMARC) 

How does DMARC works?

This is how the validation of DMARC process.

1. The administrator publishes the DMARC policy on how receiving mail servers should handle mail that violates this policy.

2. The DMARC policy is added in the DNS records as part of the domain’s overall DNS records.

3. When the mail server receives the incoming mail, it uses DNS to lookup for the DMARC policy for the domain contained in the messages From header. The mail server then checks evaluates the message for the following factors.

Does the DKIM signature validate?

Does the message come from the IP addresses allowed by the sending domain’s SPF records?

3. While checking the above factors the server decides whether to accept the message or reject the message.

4. The receiving mail server will report the actions to the sending domains owners.

How to register with DMARC?

The DMARC policy can be generated very easily with 5 steps. Please follow this LINK it will take you to the website which helps you to generate a DMARC policy.

  • Please select the type of DMARC policy which you prefer.
  • Select the percentage of emails which should be analyzed.
  • Select yes if you would like to receive aggregated reports about emails that failed DMARC check
  • Select yes if you would like to receive forensic reports about the email that failed DMARC check.
  • Select how strictly DMARC should check SPF and DKIM entries.Click Generate.
  • Now you have successfully generated the DKIM record.

How to configure DMARC in the DNS records?

  • Please go to your domain cPanel and access the DNS records.
  • Please add the record as shown below.

Name : _dmarc(or_dmarc.yourdomain)
Type : TXT
Value : v=DMARC; p=none; ( DMARC record generated before )

  • Please save the zone file and give some time for propagation delay( approx 3hrs ) to complete.

If you have followed the steps correctly, you can see your DMARC entry.

Leave a Reply