How to Create a DMARC Record
A DMARC record is used to protect against email spoofing. It is a TXT record that is included in the DNS record for a domain. What to do with messages that fail or pass DMARC authentication is specified in the DMARC record for receiving mail servers. In this article, we will be discussing steps to create a DMARC record.
Steps to create a DMARC record
Step 1: Identify your business email domain
Determine the email address from which you send commercial emails. The domain is mycompany.com, for instance, if you send sales emails to potential customers at [email protected].
Step 2: Generate a DMARC record
Create a Skysnag account to generate your DMARC record.
Step 3: Add the DMARC record to your DNS
Copy the DMARC record from the Skysnag dashboard, then add it to your DNS records.
Step 4 Verify the DMARC record
After you have added the DMARC record to your DNS, please verify using the Skysnag dashboard.
The DMARC record is added to your DNS zone file in the following format:
_dmarc.example.com IN TXT “v=DMARC1; p=reject; rua=mailto:[email protected]”
The DMARC record contains the following parameters:
v=DMARC1 – The version of DMARC.
p=reject – The policy for messages that fail DMARC authentication.
rua=mailto:[email protected] – The email address to which aggregate reports are sent.
The DMARC record can also contain the following parameters:
Tag | Description |
pct | The percentage of messages to which the DMARC policy is applied. |
sp | The policy for messages that pass SPF authentication. |
fo | The policy for messages that fail SPF authentication. |
ruf | The email address to which failure reports are sent. |
rf | The format of failure reports. |
ri | The interval at which aggregate reports are sent. |
adkim | The alignment mode for DKIM. |
subdomain | The policy for subdomains. |
aspf | The alignment mode for SPF. |
Final thoughts
Skysnag is here to protect you against email spoofing attacks. Our automated DMARC solution is capable of mitigating the impact of phishing, ransomware, and malware attacks while avoiding Business Email Compromise. Get started with Skysnag and sign up using this link to completely secure your email and ensure your organization’s DMARC records are configured correctly.
Check your domain's DMARC security compliance
Enforce DMARC, SPF and DKIM in days - not months
Skysnag helps busy engineers enforce DMARC, responds to any misconfigurations for SPF or DKIM which increases email deliverability, and eliminates email spoofing and identity impersonation.