DMARC Record
Generator
Create a customized DMARC DNS record for your domain to enhance email security and ensure proper handling of unauthorized emails. Generate your DMARC policy in seconds.
Your DMARC Record
How to Add This Record
- 1 Log in to your DNS provider or domain registrar
- 2 Navigate to DNS settings for your domain
- 3 Add a new TXT record with host _dmarc
- 4 Paste the DMARC record above as the value
- 5 Save and wait for DNS propagation (up to 48 hours)
Record Summary
Understanding DMARC Records and Their Importance
What is a DMARC Record?
DMARC (Domain-based Message Authentication, Reporting & Conformance) is a DNS-based email authentication protocol that helps protect your domain from email spoofing and phishing attacks. It builds upon SPF and DKIM by specifying how receiving mail servers should handle emails that fail authentication checks, and provides reporting mechanisms to give you visibility into email traffic claiming to be from your domain.
Why are DMARC Records Important?
Email Security
DMARC records protect your domain from being used in phishing and email spoofing attacks, which can compromise the security of your organization and your customers.
Improved Deliverability
By ensuring that only authenticated emails are delivered, DMARC helps improve the deliverability of your legitimate emails to recipients' inboxes and builds sender reputation.
Visibility and Reporting
DMARC provides valuable reports that give you visibility into who is sending emails on behalf of your domain, allowing you to detect and address unauthorized email activity.
How to Configure DMARC Records
Set Your Policy
Choose the policy (none, quarantine, or reject) for how you want unauthenticated emails to be handled. Start with "none" to monitor, then gradually move to "quarantine" or "reject".
Specify Reporting Options
Configure reporting options to receive aggregate and forensic reports on email authentication results. This helps you monitor performance and detect potential issues.
Align SPF and DKIM
Ensure that your SPF and DKIM records are properly configured and aligned with your DMARC policy to maximize email authentication effectiveness.
Common DMARC Record Mistakes to Avoid
Incorrect Policy
Starting with "reject" before monitoring can block legitimate emails. Begin with "none" to understand your email traffic first.
Missing Reports
Not enabling reporting means you have no visibility into authentication results or unauthorized email activity.
Misaligned Records
SPF and DKIM records that aren't properly aligned with DMARC can cause false positives and delivery issues.
DMARC Tag Reference
v=DMARC1 Version tag (required, always DMARC1)
p=none|quarantine|reject Policy for handling failed messages
sp=none|quarantine|reject Subdomain policy (optional)
rua=mailto:email Aggregate report destination
ruf=mailto:email Forensic report destination
pct=0-100 Percentage of messages to apply policy
Need Enterprise Email Infrastructure?
Octeth provides self-hosted email marketing software with built-in DMARC compliance tools. Own your infrastructure and maintain full control over email authentication.