How to set up a DMARC Record
Setting up a DMARC record is essential for email security and sender reputation. DMARC, which stands for Domain-based Message Authentication, Reporting, and Conformance, is a protocol that uses SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to validate email authenticity.
Why is a DMARC Record essential?
There are three main reasons why setting up a DMARC Record is the gold standard:
1. Combatting Email Spoofing: DMARC plays a crucial role in safeguarding your domain against misuse in phishing scams. It acts as a shield, preventing cybercriminals from impersonating your domain to send deceptive emails, thereby significantly reducing the risk of email-based attacks.
2. Enhancing Email Deliverability: One of the key benefits of DMARC is its ability to improve the deliverability of legitimate emails. By authenticating emails using DMARC, you help email providers distinguish your genuine emails from spam, ensuring that your important communications reach their intended recipients without being wrongly flagged as spam.
3. Providing Visibility into Email Sources: Implementing DMARC offers a clear insight into your email traffic. Through the reports generated by DMARC, you gain valuable information about how your domain is being used in email communications. These reports allow you to track the performance and authenticity of emails sent from your domain, helping you make informed decisions to secure and optimize your email ecosystem.
How to set-up a DMARC Record
To set up a DMARC record, follow these steps:
1. Understand DMARC's Function: DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. It's an email authentication protocol that helps in protecting your domain from unauthorized use, such as email spoofing, by ensuring that emails are authenticated against DKIM and SPF standards.
2. Check SPF and DKIM Records: Before setting up DMARC, ensure that SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) records are already set up for your domain. When using the tawk.to Remove Branding add-on your SPF record is already handled through the return path,
3. Access Your Domain Registrar’s DNS Management: Log into the control panel of your domain registrar and navigate to the DNS management section.
4. Add a New DNS Record: Look for an option to add a new DNS record. This option might be labeled as ‘Add Record’, ‘Create Record’, or something similar.
5. Select the Record Type: Choose ‘TXT’ as the type of record you are adding since DMARC policies are implemented as TXT records.
6. Configure the DMARC Record: Enter the details for your DMARC record.
The format should be as follows:
- Type: TXT
- Host / Name / Sub Domain: _dmarc (For example, _dmarc.yourdomain.com)
- Value / Text Record: v=DMARC1; p=none; rua=mailto:[your email]; aspf=r; adkim=r (Replace [your email] with the email address where you want to receive DMARC reports). It's important that your SPF and DKIM alignment are set to "relaxed" by using the 'aspf' and 'adkim' tags (default is relaxed if tags are not set). This alignment allows not only the top-level domain (e.g. test123.com) but also its sub-domains (e.g. sub-domain.test123.com) to send emails as '@test123.com'. In strict mode ('s'), only the exact domain can be sent, whereas 'relaxed' ('r') accommodates sub-domains as well.
- TTL (Time to Live): Typically 1 hour or the default provided by your registrar
An easy way to configure your DMARC Record is to visit https://dmarcian.com/dmarc-record-wizard/ . This DMARC Record Wizard on is a user-friendly tool that helps you create a DMARC record for your domain. It will guide you through various steps, including selecting email handling policies, specifying report receiving addresses, and choosing settings for subdomains.
7. Save the New Record: After entering the details, save the new record.
8. Verify the DMARC Record: Use tools like DMARCian’s DMARC Record Checker to confirm that your DMARC record is correctly configured. This can be done in the Add-on Settings within tawk.to
9. Monitor and Adjust: Initially, set your DMARC policy to none for monitoring. Gradually move to stricter policies like quarantine or reject based on the analysis of DMARC reports.
Remember, each part of the DMARC record is crucial in setting it up correctly.
Implementing it accurately is key to complying with email sender requirements, enhancing email deliverability, and protecting your domain reputation.
If you need further help or if you have questions, reach out to our support team by scheduling a call.