FAQ

SPF

How do you handle SPF flattening? Do we need to give you access to our DNS settings of the domain for that?
No, you don't need to give us your DNS settings or any other access. With our EasySPF, we will provide you with a single include: mechanism that you will apply in your DNS, and every update/change in your SPF Record will be managed from your EasyDMARC account portal.
What does "Too many DNS lookups'" mean?
SPF specification has a limit on the number of DNS lookups (10) required to fully resolve an SPF record. This is a highly critical limitation to prevent Denial of Service (DoS) attacks. If you are using multiple Third-Party services for your various email strategies, it can be easy to exceed this limitation. Check our EasySPF solution on how to overcome this limitation.
Since there can be only one SPF Record, how can I add or whitelist multiple servers in a single TXT Record?
For adding two SPF includes in your single SPF record, you need to include the two include: mechanisms next to each other for example: v=spf1 include:example.com include:example2.com ~all.
I have an issue with my SPF record length. I got "Record is too long. It must be no more than 450 characters"!
If your SPF record has more than 450 characters, this may lead to SPF record validation errors. To solve this issue, you need to adjust your SPF Record or check our EasySPF solution.
To top

DKIM

What are DKIM selectors?
DKIM selectors are part of DKIM Records. Check our article for more information.
To top

DMARC

I created a DMARC record, but I am still getting an error.

There can be multiple cases for this. Most common cases include:

1. Syntax issue with subdomain added in the "Host" or "Name" section. DMARC needs to be implemented on _dmarc.yourdomain.com subdomain. Make sure you got that right.

2. Some DNS Zones (e.g GoDaddy) will not inherit but overwrite the subdomain name once added in the "Host" section. (For e,g, when you input your whole subdomain "_dmarc.yourdomain.com", GoDaddy will read that as "_dmarc.yourdomain.com.yourdomain.com" which invalidates your DMARC Record. To fix this, simply remove your domain name and just keep "_dmarc".

3. You have multiple DMARC Records implemented in your DNS. Make sure you have only one DMARC TXT Record on per your root/subdomain level.

4. You are still with DMARC None policy (Monitoring mode) and you are getting an error indicating "DMARC record is valid, but you are not protected against email spoofing and phishing". This is a warning sign from our side that your DMARC Policy is not enforced, and your domain is still open to any spoofing attempts.

I got the alert "DMARC record is valid, but you are not protected against email spoofing and phishing." Can you guide what settings are missing?
That is because your DMARC record policy is p=none; which is the monitoring phase to ensure all your email vendors pass the DMARC check, when you later enforce your DMARC record to higher levels then that alert will disappear. That means to change your policy from p=none; to p=quarantine; and later p=reject.
How do I know whether I'm ready to switch to p=reject?
DMARC enforcement can be achieved after making sure that all your outgoing legitimate servers are properly authenticated . Contact our Support team to discuss further.
To top

BIMI

Do I need BIMI?
BIMI is a fairly new protocol and not many ISPs currently support it. Also, for BIMI to work, first you need to have an enforced DMARC Policy (Quarantine or Reject). We at EasyDMARC highly recommend our users to first start with their DMARC enforcement journey, and then proceed forward with BIMI.
To top

Reporting

Is it possible to speed up the display of DMARC Aggregate reports?
If you've just added or updated your DMARC Record, it will take up to 72 hours (3 days) until the first DMARC reports are received. After that, reports are usually updated every 24-32 hours.
I've modified my DMARC record to send emails to my assigned easydmarc.com email address, but reports don't show up in my dashboard
If you've just added or updated your DMARC Record, it will take up to 72 hours (3 days) until the first DMARC reports are received. After that, reports are usually updated every 24-32 hours.
DMARC Aggregate vs. Failure Reports - What is the difference?
There are 2 different types of DMARC reports: Aggregate report and Failure (formerly known as Forensic report). Check our article for more information.
DMARC Compliant vs. Non-Compliant vs. Threat/Unknown vs. Forwarded tabs - What do they represent?

EasyDMARC segments DMARC Reports into 4 tabs to make your DMARC enforcement journey easier and successful.

DMARC Compliant: Under this tab, our system discovers and shows you all the email sources that are sending DMARC Compliant emails on your domain behalf. These are your legitimate sources that are meeting compliance via SPF and/or DKIM authentication and alignment.

DMARC Non-Compliant: This tab identifies all your sending sources that are failing DMARC compliance checks. These sources are failing both SPF and DKIM authentication and alignment.

Threat/Unknown: This tab identifies all the spoofing or fraudulent attempts on your domain behalf that are being sent from Source IPs that are blacklisted in multiple RBLs (Blacklist checks) or a Source IP which doesn't resolve to a Reverse DNS (PTR). You may, at some point, discover your legitimate servers labeled under this tab, which indicates your server is either blacklisted in multiple lists or lacks Reverse DNS (PTR).

Forwarded: Forwarding happens when your receiver forwards your email to another recipient. This is usually caused by Auto-Forwarding or Routing rules that are applied in major Mailbox Providers.

To top

Account & Domains

How can I add additional users to have access to our account?
With access to User Management (available in the Premium and Business packages), you can add additional users directly from the "User Access" tab available in your EasyDMARC portal.
Are DMARC reports included in the free version?
Yes. If your monthly email volume doesn't exceed 10,000 mark, you can stay in our Free tier with limited features.
Is there a possibility to extend the trial period?
Yes, we at EasyDMARC are highly flexible and can adjust to your needs.
Does EasyDMARC provide 24/7 support especially on the implementation part?
Yes, we do. It mainly depends on the subscription and the agreement plan.
I purchased a Plus plan and accidentally applied it to a domain I didn't want to, how often can I move my plan to another domain?
Since our domain counter resents per month it is not possible to remove and add more than 2 times within your plan. For example, if you purchased the plan on April 22nd, you can apply the plan to another domain on the 22nd of May.
To top

Still need help?

Drop us a word, if you didn't find all the answers or still have issues to solve.