Creating a DMARC record involves a few straightforward steps:
Step 1: Understand Your Current Email Authentication
Before you create a DMARC record, ensure you have
SPF (Sender Policy Framework) and
DKIM (DomainKeys Identified Mail) set up for your domain. These are prerequisites for a DMARC policy to function correctly.
Step 2: Choose Your DMARC Policy
There are three main policies you can choose for your DMARC record:
-
none: No specific action is taken. This is useful for monitoring.
-
quarantine: Emails that fail DMARC checks are treated as suspicious and may be placed in the spam folder.
-
reject: Emails that fail DMARC checks are not delivered at all.
Step 3: Create the DMARC Record
A DMARC record is a DNS TXT record. Here is an example of a DMARC record:
_dmarc.example.com. IN TXT "v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@example.com; ruf=mailto:forensic-reports@example.com; pct=100"
This record specifies that emails failing DMARC checks should be quarantined. Reports will be sent to the specified addresses.
Step 4: Publish the DMARC Record
To publish your DMARC record, you need to log in to your DNS hosting provider's management console and add the TXT record to your domain's DNS settings.