Email - DMARC (Domain-based Message Authentication)


Domain-based Message Authentication, Reporting and Conformance (DMARC) is a text DNS Record that indicates to the receiving server what actions should be taken if the emails does not pass the email authentication mechanisms

It wards off email spoofing

DKIM and SPF should be set before setting a DNS DMARC record !

DMARC DNS record

The DMARC is a TXT record with the name _dmarc that contains a serie if options called record tags.

The only mandatory tag is v=DMARC1.

For instance, for the most relax policy (ie none policy), you could enter the following DNS record IN TXT "v=DMARC1; p=none; rua=mailto:[email protected]"

where the options are called record tags and


The policy defines the action taken on messages by the receiving server when they don’t pass the DMARC checks.

Policy Description Report
none no action is taken Yes
quarantine send message to the recipient’s spam or quarantine folder Yes
reject send a bounce No


Documentation / Reference

Powered by ComboStrap