DMARC

Written by

Yujin Boby

DMARC is used to protect your email from email spoofing. DMARC use SPF and DKIM record to validate your email.

DMARC is a TXT record added in your domain DNS.

DMARC record look like

v=DMARC1;p=POLICY_HERE;pct=100;rua=mailto:postmaster@your-domain.com;ruf=mailto:admin@your-domain.com;rf=afrf

p=POLICY_HERE

This specifies what to do with incoming email that fails DMARC.

Valid options are none, quarantine and reject.

p=none – used for monitoring. If DMARC fails, the remote mail server will send a mail to “rua” or “ruf” tags specified in the DMARC record.

p=quarantine – tell the recipient mail server to put the message in the SPAM folder if DMARC fails.

p=reject – reject mail if DMARC fails.

rf=afrf – Specify the type of report you will get.

Reject Emails that fail DKIM/SPF check

v=DMARC1; p=reject; rua=mailto:admin@your-domain.com

Filter and Reject Only 95% mails

v=DMARC1; p=reject; pct=95; rua=mailto:admin@your-domain.com

Quarantine Emails that fail DKIM/SPF check

v=DMARC1; p=quarantine; rua=mailto:admin@your-domain.com

Back to Mail

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts