How to Add DMARC Record to AWS’s DNS-Route 53

This guide will show you how to add DMARC record to your domain. Experts at EasyDMARC strongly recommend to add DMARC (Domain-based Message Authentication Reporting and Conformance) record only for monitoring: with policy (p) = none. Here is the example

_dmarc TXT v=DMARC1; p=none; rua=mailto:[email protected]; ruf=mailto:[email protected]; sp=none;

You can use EasyDMARC’s free DMARC record generator to create yours.

Set Up the records into Route 53!

Step 1

After logging in you need to go Route 53 page from the services menu under the Networking & Content Delivery.

           add-DMARC-record-in-an-easy-way

Step 2

Go to hosted zones under the DNS management

AWS-Route-53-hosted-zones

Step 3

Chose the appropriate domain/zone.

AWS-Route-53-Zone-configuration

Step 4

In the domain configuration page Create Record Set and chose the TXT as type

Create Record Set and chose the TXT as type

 

Step 5

Create the TXT record as it shows this example.

create-TXT-record

It can take several minutes or even several hours until your DNS record will be updated worldwide. Wait for a little after test DMARC record by free DMARC check tool.

If the DNS propagation done you should see the result like this

DMARC-record-lookup

p.s. for policy none you will see the red line.

Remember, only DMARC record with “p=reject” policy is the most powerful and industry standard email authentication system. However achieving “p=reject” is hard, because putting it in DNS without proper monitoring, can get your perfectly valid emails to be rejected.

After a day or 2 email service providers will start to send DMARC XML reports to the email address that you have published in your record. You need to collect and analyze aggregated reports which can give you deep inside of you email flow.

Aggregated reports are in XML format and it is hard to analyze them. You can use free DMARC aggregated reports analyzer for visualization.

DMARC-XML-analyzer

 

You can use the EasyDMARC to automate the process and receive notifications and suggestions to improve your email security.

Are you running on a different DNS provider?

Then one of these posts might be useful

How DMARC Can Improve Email Deliverability?

How DMARC Can Improve Email Deliverability?

There’s no doubt that email marketing is an essential and powerful tool for any...

Read More
Email Security News Round-Up [September 2022]

Email Security News Round-Up [September 2022]

September was a busy month filled with email security news and cybersecurity news stories...

Read More
How to Increase Domain Reputation with SPF

How to Increase Domain Reputation with SPF

Is your email open rate decreasing? Noticing a higher bounce rate? Well, this could...

Read More