DMARC

Spammers will often try to forge the "From" address in an email to deceive recipients and perform unlawful activities. Obviously mailbox providers want to prevent such emails landing in the inbox of their users, and email senders don't want their emails to be tampered with. The only way to achieve these goals, though, is by implementing domain authentication techniques.

DMARC (Domain-based Message Authentication Reporting and Conformance) is an authentication technique that uses the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to validate emails. DMARC allows a business to publish a policy that provides instructions to the receiving servers of mailbox providers on how to handle unauthenticated emails sent from their domain.

When you implement DMARC, there are three actions you can instruct the receiving server to perform when they receive unauthenticated emails from your domain.

Take no action [ p = none ]

You can design a policy and set it as "p=none". When a receiving server identifies an unauthenticated email, it will accept it without taking any action.

Quarantine the email [ p = quarantine ]

You can design a policy and set it as "p=quarantine". When the receiving server identifies an unauthenticated email, it will accept the email and store it in the quarantine folder on the server. Only the server's administrators will be able to view these emails.

Reject the email [ p = reject ]

You can design a policy and set it as "p=reject". The policy will instruct the receiving server to reject unauthenticated email. You can learn more about the email that got rejected by analyzing the DMARC failure report.

How DMARC works

DMARC is dependant on two other email authentication techniques, SPF and DKIM. For an email to pass the DMARC validation, it must either pass the SPF authentication and alignment validation or DKIM authentication and alignment validation.

Step 1

You need to publish the DMARC policy that provides instructions to the receiving servers of mailbox providers on handling emails that violate the policy. The record may take 24 hours to get reflected.

Step 2

You need to authenticate your sender domain by implementing SPF and DKIM. If you send emails without implementing SPF and DKIM, your emails may bounce. After implementing SPF and DKIM, when you send emails, the receiving server of the mailbox provider will use the DNS to identify the DMARC record corresponding to the sender domain. The receiving server will perform the following actions:

‌Validate the DKIM key.
Verify whether the email was sent from an IP address that's listed in the SPF record.
Verify whether the headers in the email message show proper domain alignment.

Step 3

‌The receiving server will apply the DMARC policy and carry out the instruction defined in the policy.

Step 4

‌The receiving server will send a report on how it handled the email to the reporting email address listed in the DMARC record.

Decoding the DMARC record

Here's a sample DMARC record:

v=DMARC1\; p=none\; rua=mailto:dmarc-aggregate@mydomain.com\; ruf=mailto:dmarc-afrf@mydomain.com\; pct=100

v - Indicates the version of DMARC that's being used.

p - Indicates the policy set by the business.

rua - Indicates the URI to which a consolidated report will be sent detailing the SPF and DKIM validation results, information about the sending and receiving domains, and the percentage of successful authentications.

ruf - Indicates the email address to which the detailed SPF/DKIM failure report will be sent.

pct - Indicates the percentage of emails on which the policy will be applied.

How to implement DMARC records

DMARC implementation consists of three steps which are described in more detail below:

Validate your SPF and DKIM records
Generate a DMARC record
Add the record to your domain's DNS

Validate your SPF and DKIM records

You need to verify if your SPF and DKIM records are authenticated and properly aligned. Please remember that it is mandatory to set up SPF and DKIM records for your domain to implement DMARC. If either SPF/ DKIM record's authentication and alignment check fails then the DMARC test will also automatically fail.

To check the SPF / DKIM alignment :

For your SPF record, ensure that the "from address" and the "return-path address" match
For your DKIM record, ensure that the "from address" and the "d" tag of the record match.

Learn how to set up SPF and DKIM records for your domain.

Generate a DMARC record

You can use any tool recommended listed by DMARC.org to generate a new DMARC record.

Add DMARC record to your domain's DNS

The final step is to add the DMARC record to the DNS server as a TXT record. Each domain hosting provider has a different process for completing this task. You can do this last step on your own or get your domain hosting provider to help you.

Choose an email account to receive DMARC reports

You must choose an email account to receive reports on the performance of your email. We recommend that you use a distinct email account so that the emails do not get lost in the flood of other emails you receive on a regular basis. These reports will help you understand how your email is performing and will assist you in changing the way you communicate with your recipients.

Benefits of implementing DMARC

Implementing DMARC has the following benefits:

Prevents fraudsters from using your sender domain to perform spoofing activities.
Improves email deliverability as implementing DMARC will get you into the good books of mailbox providers and anti-spam service.
It helps you monitor the emails you send and gives you control over how mailbox providers handle unauthenticated emails sent from your domain.

At Zoho Campaigns, we urge our users to implement SPF, DKIM, and DMARC, as it is the best way to safeguard your emails. Read our help article to learn more about setting up the SPF and DKIM TXT records of your sender domain.

Zoho CRM Training Programs

Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.

Redefine the way you work

with Zoho Workplace

Start your free trial

Zoho DataPrep Personalized Demo

If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.

Create, share, and deliver

beautiful slides from anywhere.

Get Started Now

Zoho Sign now offers specialized one-on-one training for both administrators and developers.

BOOK A SESSION

Zoho Workerly Home
Forums
Connect With Us:

Zoho Recruit Home
Forums
Connect With Us:

Start tracking your website metrics today

Use PageSense to understand what your visitors are looking for, how they are behaving, and where they are facing problems on your website.

Ready to improve your website's performance?

Install the PageSense code snippet on your site in a matter of minutes and start collecting in-depth data about the website visitors to grow your business.

Track and measure every business goal

Set up goals in PageSense to measure every single action performed by visitors on your website like button or link clicks, form submissions, and page engagements.

Understand the customer journey on your website

Create funnels in PageSense to quickly see which pages visitors use to enter your website, where they navigate to next, and which pages they decide to leave without converting.

Visualize your visitor's behavior with color codes

Set up heatmaps in PageSense to see where users have clicked more, how far they've scrolled, and on which parts of a page they've spent the most time using color-coded patterns in reports.

Measure customer engagement with your web forms

Use form analytics in PageSense to see how people interact with different fields in your form, whether they complete the form successfully or not, and where exactly they drop out on your form.

Record real visitor interactions on your website

Use session recordings in PageSense to watch a video of all the visitor actions performed on your website including the pages they navigate, the buttons they click, the UX issues they face, and more.

Test and optimize webpages for better conversions

Run A/B or Split URL tests in PageSense to figure out which version of your web page works best for your business and results in the best conversion rate.

Give each customer a unique website experience

Use personalization in PageSense to deliver customized versions of your website for every individual customer based on their demographics, local weather, browsing history, and more.

Grow your business through customer feedback

Run polls on your website using PageSense to understand what your customers think about your products/services and what needs improvement on your site.

Send timely updates that customers love

Use web push notifications in PageSense to schedule and notify your customers about an upcoming flash sale, product releases, promotional coupons, and a lot more that can spark conversions on your website.

Advertise your business to website visitors

Use pop-ups in PageSense to instantly grab the attention of visitors by showing attractive signup offers, coupon code discounts, or email newsletters that can eventually convert them into subscribers.

Access more advanced settings in PageSense

Use PageSense's advanced features like creating mutually exclusive groups, enabling cross-domain tracking, configuring customized project JS, and more to get deeper insights about your website.

Try easy-to-use extensions

Download the PageSense extension app available for your web browser with a few clicks and start collecting all of your required website metrics in real time.

Discover your favorite integrations with PageSense

Get a deeper look at your website's data by seamlessly integrating PageSense with a host of popular third-party apps like Google Analytics, Mixpanel, Intercom, and more.

Still can't find what you're looking for?

Write to us: support@zohoforms.com

Quick Links	Workflow Automation	Data Collection
Web Forms	Enterprise	Begin Data Collection
Interactive Forms	Workplace	Data Collection App
Offline Forms	Customer Service
Digital Forms	Marketing	Form Templates
HTML Forms	Education	Halloween Forms
Contact Forms	E-commerce	Business Forms
Lead Generation Forms	Healthcare	Medical Forms
Wordpress Forms	Customer onboarding	Education Forms
No Code Forms		E-commerce Forms
Free Forms
Prefill Forms
Intake Forms
Form Designer
Card Forms
Assign Forms
Translate Forms
Electronic Forms
Notification Emails for Forms Holiday Forms

New to Zoho Social?

Manage your brands on social media

Access Zoho Social

Zoho Sheet Resources

New to Zoho Forms?

Latest Feature Updates

Explore our Pricing & Plans

Zoho Forms Resources

Secure your business

communication with Zoho Mail

Get started

Mail on the move with

Zoho Mail mobile application

Go Mobile

Stay on top of your schedule

at all times

Get started

Carry your calendar with you

Anytime, anywhere

Get started

Latest Announcements

New to Zoho Sign?

Zoho Sign Resources

Sign, Paperless!

Sign and send business documents on the go!

Get Started Now

Zoho SalesIQ Resources

New to Zoho TeamInbox?

Zoho TeamInbox Resources

Connect with us

New to Zoho ZeptoMail?

LEARN MORE

Latest Feature Updates

Zoho DataPrep Resources

New to Zoho DataPrep?

Access Zoho DataPrep

Zoho DataPrep Demo

Get a personalized demo or POC

Design. Discuss. Deliver.

Create visually engaging stories with Zoho Show.

Get Started Now

New to Zoho Workerly?

Access Zoho Workerly

New to Zoho Recruit?

Access Zoho Recruit

New to Bigin?

Signup Now

Access Bigin

Latest Feature Updates

New to Zoho CRM?

Signup Now

Access Zoho CRM

Latest Feature Updates

New to Zoho Projects?

Access Zoho Projects

New to Zoho Sprints?

Access Zoho Sprints

New to Zoho Assist?

Access Zoho Assist

Related Articles
Can I use a public domain-based email address to send marketing emails?
Some of the major email service providers have framed new policies that mandate the implementation of DMARC. If you don't authenticate your sender domain by implementing DMARC, your emails will bounce. It implies that you can't use third-party sender ...
How to create a custom return-path address
As marketers, you know that the race to achieve inbox placement is getting tougher every day. The best way to land your emails in your contact's inbox is by implementing email authentication techniques. At Zoho Campaigns, we urge our users to ...
When SPF or DKIM alignment fails
A DMARC check includes SPF and DKIM alignment. If your DMARC report says that SPF or DKIM alignment has failed for your emails even though you've properly authenticated your domain with Zoho Campaigns, read the information below to learn why this may ...
What is BIMI and why is it important?
What is BIMI? Nobody wants their inboxes to be flooded with spam or unwanted emails. To combat this, SPF, DKIM, and DMARC are email authentication methods that most businesses employ to inform their recipients that the emails they receive are ...
Why shouldn't I use a public domain address?
An email from a public domain sender address may make recipients hesitate to read your email, and they may even mark it as spam. Spammers often use public domains for their sender addresses therefore their domain reputation tends to be low. Using a ...

Wherever you are is as good as

your workplace

Workplace on mobile

Resources

Videos

Watch comprehensive videos on features and other important topics that will help you master Zoho CRM.

Watch Now

eBooks

Download free eBooks and access a range of topics to get deeper insight on successfully using Zoho CRM.

Download eBooks

Webinars

CRM Tips

Make the most of Zoho CRM with these useful tips.

Learn More

DMARC - Online Help | Zoho Campaigns

DMARC

How DMARC works

Decoding the DMARC record

How to implement DMARC records

Validate your SPF and DKIM records

Generate a DMARC record

Add DMARC record to your domain's DNS

Choose an email account to receive DMARC reports

Benefits of implementing DMARC

Zoho CRM Training Programs

Zoho DataPrep Personalized Demo

Start tracking your website metrics today

Ready to improve your website's performance?

Track and measure every business goal

Understand the customer journey on your website

Visualize your visitor's behavior with color codes

Measure customer engagement with your web forms

Record real visitor interactions on your website

Test and optimize webpages for better conversions

Give each customer a unique website experience

Grow your business through customer feedback

Send timely updates that customers love

Advertise your business to website visitors

Access more advanced settings in PageSense

Try easy-to-use extensions

Discover your favorite integrations with PageSense

Still can't find what you're looking for?

Zoho Sheet Resources

Zoho Forms Resources

Zoho Sign Resources

Zoho TeamInbox Resources

Zoho DataPrep Resources

Related Articles

Can I use a public domain-based email address to send marketing emails?

How to create a custom return-path address

When SPF or DKIM alignment fails

What is BIMI and why is it important?

Why shouldn't I use a public domain address?

Resources

Videos

eBooks

Webinars

CRM Tips

Zoho Show Resources