DMARC

Axigen Documentation

Once SPF and DKIM are in place, you can configure DMARC by adding policies to your domain's DNS records in the form of TXT records (just like with SPF).

The TXT record name should be _dmarc.your_domain.com. where your_domain.com is replaced with your actual domain name.

Here are common tags used in DMARC TXT records:

Tag Name

Required

Purpose

Sample

v

required

Protocol version

v=DMARC1

p

required

Policy for domain

p=quarantine

pct

optional

% of messages subjected to filtering

pct=20

rua

optional

Reporting URI of aggregate reports

rua=mailto:aggrep@example.com

sp

optional

Policy for subdomains of the domain

sp=r

aspf

optional

Alignment mode for SPF

aspf=r

See the DMARC Tag Registry for other available tags.

Example Records

Here are some example DMARC TXT records (_dmarc.your_domain.com IN TXT) you may modify for your own use. Of course, replace your_domain.com and postmaster@your_domain.com with your actual domain and email address.

In the following example TXT record, if a message claims to be from your_domain.com and fails the DMARC checks, no action is taken. Instead, all of these messages appear on the daily aggregate report sent to postmaster@your_domain.com.

In the next example TXT record, if a message claims to be from your_domain.com and fails the DMARC checks, quarantine it 5% of the time. Then email daily aggregate reports to postmaster@your_domain.com.

In the final example, if a message claims to be from your_domain.com and fails the DMARC checks, reject it 100% of the time. Then email daily aggregate reports to postmaster@your_domain.com and dmarc@your_domain.com.