Skip to main content
All CollectionsEmail Deliverability
What is DMARC and how is it set up?
What is DMARC and how is it set up?

Learn how DMARC email protocols authenticate your emails

Anil Vithani avatar
Written by Anil Vithani
Updated over 8 months ago

Understanding DMARC email authentication protocol:

  1. What is DMARC

  2. How do I set up DMARC

  3. Do I need to make any changes using SuperReach?

  4. Where do I check everything is set up correctly?

What is DMARC?

DMARC stands for Domain-based Message Authentication, Reporting, and Conformance (DMARC)

It enables the sender to indicate that their emails are protected by SPF and/or DKIM, and informs the receiving mail server what to do with the email if neither of those authentication protocols passes

A domain's DMARC policy can be set in a variety of ways โ€” it can instruct mail servers to quarantine emails that fail SPF or DKIM (or both), to reject such emails, or to deliver them.

Furthermore, it provides a way for the email receiver to report back to the sender about messages that pass and/or fail DMARC evaluation.

In essence a DMARC policy reduces the likelihood of your domain being exploited for email-based attacks. This is viewed positively by spam filters when reviewing emails sent from your domain.

How do I set up DMARC?

Please ensure SPF and DKIM have been set up and operational for 48 hours before implementing DMARC.

Implementing DMARC is a simple process that requires only a single DNS update (collaborate with your hosting provider to create and publish your DMARC record.).

  • For Gmail users, follow the guide here

  • For Office 365 users, check the appropriate settings here

There are 3 options in your DMARC policy:

p=none

It instructs mail providers to do nothing with emails that fail authentication. Does not protect you from spoofing.

p=quarantine

It instructs mail providers to place such emails to spam. Protects you from spoofing.

p=reject

It instructs mail providers to reject emails that fail authentication. Protects you from spoofing.

Note: Important!

Please, do not use quarantine and reject policies unless you are sure you have authenticated all mail servers that send emails from your domain with SPF and DKIM. (If not, your deliverability from unauthenticated servers will be hurt).

Also please ensure you have reviewed the DMARC aggregated reports to decide how to adjust your DMARC policy and fix any issues identified.

Follow the rollout plan from Google here is our recommendation.

โ€‹Do I need to make any changes using SuperReach?

No, as long as your normal day-to-day emailing provider (Gmail, Office365, Exchange etc.) has a valid DMARC record on your domain then SuperReach will be set up correctly.

โ€‹

Where do I check everything is set up correctly?

Luckily several tools on the market will check everything is set up correctly for you. Try some of the links below to get you on your way:

https://mxtoolbox.com/

https://toolbox.googleapps.com/apps/checkmx/

https://www.mail-tester.com/

Your IT support team should be able to fix any issues that are identified.

Did this answer your question?