The DMARC Generator Tool

In this post, we cover a few details about DMARC and invite you to try out our new DMARC GENERATOR tool.

Support Team avatar
Written by Support Team
Updated over a week ago

Domain-based Message Authentication, Reporting & Conformance is an email authentication protocol that is built on top of SPF and DKIM protocols. SPF and DKIM are prerequisites of DMARC and must be in place before setting up a DMARC policy.

Learn more about DMARC below or try the tool tool now

A DMARC policy allows a sender to indicate that their emails are signed by SPF and DKIM and tells a receiver what to do if neither of those authentication methods passes – such as junk or bounce the email. DMARC removes the guesswork from the receiver’s handling of these failed emails, limiting or eliminating the user’s exposure to potentially fraudulent & harmful emails.

In short, this basically means that a valid DMARC record is treated as a kind of certificate of being a legitimate sender to the recipient's server.

DMARC also provides a way for the email receiver to report back to the sender about emails that pass and/or fail DMARC evaluation.

Note there is no specific configuration needed in Elastic Email besides ensuring that your SPF and DKIM are both valid.  Further, a DMARC policy on your domain(s) will affect all of your email sending from that domain (not just the mail you are sending through Elastic Email) so you need to ensure you are using SPF and DKIM for all your email delivery.  For more information please click here.

The following are example DMARC TXT entries to set up on your domain(s) DNS.

Step 1 - Setup your DMARC policy to simply notify you of mail that is not passing SPF and DKIM


Value: v=DMARC1;p=none;pct=100;;

Step 2 - When you are no longer receiving negative reports, change your DMARC policy to quarantine which will not necessarily bounce email, but indicate to the recipient server they should consider quarantining it (junk or spam folder).


Value: v=DMARC1;p=quarantine;pct=100;;

Step 3 - When you are satisfied that you are validating all the email from your domain(s) with SPF and DKIM change the policy to reject which will bounce the emails that do not pass SPF and DKIM validation.


Value: v=DMARC1;p=reject;pct=100;;

Please click here to view a list of the most popular tags available for your DMARC policy as above are only examples.

Did this answer your question?