How to Setup DMARC: A Step by Step Guide | EasyDMARC

How to Setup DMARC: A Step by Step Guide

5 Min Read
How to Setup DMARC A Step by Step Guide 1

If the security of your email infrastructure is important to you and you want to start protecting your clients, vendors, partners, and in general, everybody who receives emails from you, it’s time to look into email security protocols.

You want to learn how to add DMARC to your email infrastructure so that you can leverage all of its benefits. You can add DMARC record to DNS in less than 5 minutes on your own without technical support. Here is how to setup DMARC in DNS painlessly.

Why Add DMARC Record in DNS?

Finding out how to add a DMARC record to your email (Domain-based Message Authentication Reporting and Conformance) is how you make internet service providers trust the emails sent from your domain. Proper DMARC configuration also protects your customers and employees from phishing and spoofing attacks.

DMARC setup helps companies get visibility and transparency into the spoofed and illegal emails sent using their domain names. Moreover, DMARC is a fantastic tool with its ability to differentiate all the emails that are sent from you or a hacker. These can be a third party, business units, or threat actor.

Here is the examples of phishing attempts:


Why Do Companies Need to Build a DMARC Record and Protect Business Email?

Businesses that use DMARC save time on catching cybercriminals and finding out the illegal usage of their email by hackers. This, in addition to brand trust and authority,  the elimination of customer support costs and email fraud, are some of the many benefits of knowing how to setup DMARC and taking the recommended steps.

DMARC gives your customers private and trusted email communication without the fear of being a cyberattack victim. It will amaze You how much businesses losing their money due to cyber attacks.

The average cost of data breach

  • 64% of companies have experienced web-based attacks
  • 62% experienced phishing & social engineering attacks
  • 59% of companies experienced malicious code and botnets and
  • 51% experienced denial of service attacks

What is DMARC?

DMARC is an open standard enabled on 70% of the world’s inboxes. DMARC setup is also the best way for businesses to protect their emails from illegitimate usage and cyber attacks.

DMARC is built upon two other authentication protocols: One is SPF (Sender Policy Framework), and another is DKIM (DomainKeys Identified Mail). You should have SPF and DKIM on your Envelope Form and Friendly Form domains before proceeding with DMARC.

DMARC (aka Domain-based Message Authentication, Reporting, & Conformance) is an email authentication standard based on SPF & DKIM protocols. Learning how to setup DMARC and DKIM lets the customer get visibility into how their email domains are used, allowing them to catch all the fraud emails that are sent from an unauthorized server, besides these benefits, it increases email deliverability, gives companies trust high level that customers wish to communicate without receiving a fraud from them, makes companies not to lose their money on phishing, sending an email to the recipients inbox is also one of the advantages of using DMARC.

DMARC record example

_dmarc v=DMARC1;p=reject;sp=none;pct=100;adkim=r;aspf=r;rua=mailto:[email protected]; ruf=mailto:[email protected];rf=afrf;ri=86400;fo=1

SPF (aka Sender Policy Framework) allows domain owners to choose which email addresses one can send an email from with their domain- it is the “From” header of the email. SPF can catch the unauthorized servers which a hacker sends an email from, furthermore, it protects a real message from the domain owner. With SPF, a receiver can consider the email authentic.

SPF record example v=spf1 mx ip4: -all

DKIM (aka DomainKeys Identified Mail) DKIM is an email authentication standard that is associated with a signature checker that a sender inserts into the email message. The sender’s cryptographic signatures are designed for receivers to verify by using DNS-hosted public keys. If the signature is correct and checked, DKIM identifies it as a reliable domain level.

DKIM record example

example._domainkey  v=DKIM1; k=rsa; p=public_key

The DMARC protocol allows senders to publish policy records to manage the emails’ reach on inbox or spam box, or rejecting. The policy features that DMARC enables are:

  • P=none – None is monitor mode that doesn`t prevent emails from getting into the spam box but only monitors them.
  • p= quarantine – Helps you send fraud emails to the spam box.
  • P= reject—reject policy is what your company needs to achieve high email protection. It prevents illegal emails from reaching the receiver’s inbox or even the spam box.

Build Your DMARC Record in Less Than 1 Minute With the Help of Our Advanced Email Protection Tools!

Here is how to setup DMARC in your DNS in a few easy steps:

  1. Go to the EasyDMARC website and generate your DMARC record with our DMARC generator.
  2. If You have multiple domains you need to generate your DMARC text record in your DNS for each sending domain.
  3. Set the DMARC policy to “none,” indicating DMARC’s “monitor” mode.
  4. With DMARC in monitor mode, you can gather information on your entire email ecosystem and see who is sending emails on behalf of your brand, what emails are getting delivered, and what emails are not.
  5. Add a TXT record to your DNS service, it should be like this:

How to Set Up a DMARC Record in DNS?

Go to your hosted domain and find the DNS administrator to add Your DMARC record to DNS. After doing this, you can easily monitor your domain. We suggest you use our domain so we can send you reports and you will know where email traffic comes from. Soon, you’ll be amazed at how many bad actors are using your domain and how many fake users are trying to act in your name.
Use our free tool for DMARC validation and verification.

Various authors from EasyDMARC teams have contributed to our blog during company's lifetime. This author brings everyone together.


Inline Feedbacks
View all comments

succees We’re glad you joined EasyDMARC newsletter! Get ready for valuable email security knowledge every week.

succees You’re already subscribed to EasyDMARC newsletter. Continue learning more about email security with us