Domain-based Message Authentication, Reporting & Conformance is an email authentication protocol that is built on top of SPF and DKIM protocols. SPF and DKIM are prerequisites of DMARC and must be in place before setting up a DMARC policy.
Learn more about DMARC below or try the DMARC GENERATOR tool now
A DMARC policy allows a sender to indicate that their emails are signed by SPF and DKIM and tells a receiver what to do if neither of those authentication methods passes – such as junk or bounce the email. DMARC removes the guesswork from the receiver’s handling of these failed emails, limiting or eliminating the user’s exposure to potentially fraudulent & harmful emails. DMARC also provides a way for the email receiver to report back to the sender about emails that pass and/or fail DMARC evaluation.
Note there is no specific configuration needed in Elastic Email besides ensuring that your SPF and DKIM are both valid. Further, a DMARC policy on your domain(s) will affect all of your email sending from that domain (not just the mail you are sending through Elastic Email) so you need to ensure you are using SPF and DKIM for all your email delivery. For more information please click here.
The following are example DMARC TXT entries to set up on your domain(s) DNS.
Step 1 - Setup your DMARC policy to simply notify you of mail that is not passing SPF and DKIM
Step 2 - When you are no longer receiving negative reports, change your DMARC policy to quarantine which will not necessarily bounce email, but indicate to the recipient server they should consider quarantining it (junk or spam folder).
Step 3 - When you are satisfied that you are validating all the email from your domain(s) with SPF and DKIM change the policy to reject which will bounce the emails that do not pass SPF and DKIM validation.
Please click here to view a list of the most popular tags available for your DMARC policy as above are only examples.