DMARC Policy
Spammers will often try to forge the "From" address in an email to deceive recipients and perform unlawful activities. Obviously mailbox providers want to prevent such emails landing in the inbox of their users, and email senders don't want their emails to be tampered with. The only way to achieve these goals, though, is by implementing domain authentication techniques.
DMARC (Domain-based Message Authentication Reporting and Conformance) is an authentication technique that uses the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to validate emails. DMARC allows a business to publish a policy that provides instructions to the receiving servers of mailbox providers on how to handle unauthenticated emails sent from their domain.
When you implement DMARC, there are three actions you can instruct the receiving server to perform when they receive unauthenticated emails from your domain.
Take no action
You can design a policy and set it as "p=none". When a receiving server identifies an unauthenticated email, it will accept it without taking any action.
Quarantine the email
You can design a policy and set it as "p=quarantine". When the receiving server identifies an unauthenticated email, it will accept the email and store it in the quarantine folder on the server. Only the server's administrators will be able to view these emails.
Reject the email
You can design a policy and set it as "p=reject". The policy will instruct the receiving server to reject unauthenticated email. You can learn more about the email that got rejected by analyzing the DMARC failure report.
How DMARC works
DMARC is dependant on two other email authentication techniques, SPF and DKIM. For an email to pass the DMARC validation, it must either pass the SPF authentication and alignment validation or DKIM authentication and alignment validation.
Step 1
You need to publish the DMARC policy that provides instructions to the receiving servers of mailbox providers on handling emails that violate the policy. The record may take 24 hours to get reflected.
Step 2
You need to authenticate your sender domain by implementing SPF and DKIM. If you send emails without implementing SPF and DKIM, your emails may bounce. After implementing SPF and DKIM, when you send emails, the receiving server of the mailbox provider will use the DNS to identify the DMARC record corresponding to the sender domain. The receiving server will perform the following actions:
- Validate the DKIM key.
- Verify whether the email was sent from an IP address that's listed in the SPF record.
- Verify whether the headers in the email message show proper domain alignment.
Step 3
The receiving server will apply the DMARC policy and carry out the instruction defined in the policy.
Step 4
The receiving server will send a report on how it handled the email to the reporting email address listed in the DMARC record.
Decoding the DMARC record
Here's a sample DMARC record
v=DMARC1\; p=none\; rua=mailto:dmarc-aggregate@mydomain.com\; ruf=mailto:dmarc-afrf@mydomain.com\; pct=100
v - Indicates the version of DMARC that's being used.
p - Indicates the policy set by the business.
rua - Indicates the URI to which a consolidated report will be sent detailing the SPF and DKIM validation results, information about the sending and receiving domains, and the percentage of successful authentications.
ruf - Indicates the email address to which the detailed SPF/DKIM failure report will be sent.
pct - Indicates the percentage of emails on which the policy will be applied.
Benefits of implementing DMARC
Implementing DMARC has the following benefits:
- Prevents fraudsters from using your sender domain to perform spoofing activities.
- Improves email deliverability as implementing DMARC will get you into the good books of mailbox providers and anti-spam service.
- It helps you monitor the emails you send and gives you control over how mailbox providers handle unauthenticated emails sent from your domain.
At Zoho Marketing Automation, we urge our users to implement SPF, DKIM, and DMARC, as it is the best way to safeguard your emails. Read our help article to learn more about setting up the SPF and DKIM TXT records of your sender domain.
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
New to Zoho Survey?
Zoho Sheet Resources
Zoho Forms Resources
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Zoho DataPrep Resources
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
New to Bigin?
Related Articles
Sender Policy Framework (SPF)
Spam is a major bottleneck issue that the email marketing industry faces on a daily basis. Fraudsters often try to forge the sender address of emails and try to perform malicious activities. The only way to protect your emails and improve ...What to do if your domain authentication fails in Gmail
An authenticated domain shows mailbox providers that your emails are genuine and not spam. To protect its users from receiving spam, Gmail checks whether the email sender domain is properly authenticated or not. If the email sender domain is not ...Configure cookies and privacy policy banner
Zoho Marketing Automation uses cookies to track visitors' information on your website. These cookies are placed on your visitor's browser to store information, such as the device used or browser OS, while users access your website pages. This data is ...When SPF or DKIM alignment fails
A DMARC check includes SPF and DKIM alignment. If your DMARC report says that SPF or DKIM alignment has failed for your emails even though you've properly authenticated your domain with Zoho Marketing Automation, read the information below to learn ...Ways to avoid spam filters
When you send an email to your contacts, it goes through the following three steps: You (the sender) send your email via Zoho Marketing Automation (email marketing service) Scrutinized by spam filters by mailbox providers and anti-spam services ...
New to Zoho LandingPage?
Zoho LandingPage Resources