---
title: "How to publish a DMARC record for your domain (with example) | DuoCircle"
description: "Publish a DMARC record for your domain in 5 minutes: pick a policy, build the TXT value, add it at your DNS host, and verify with a DMARC record checker."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/dmarc/a-guide-to-publishing-dmarc-records-for-your-domain/"
---

Quick Answer

A DMARC record is a DNS TXT record at \_dmarc.yourdomain.com that tells receiving servers how to handle mail failing SPF or DKIM. It uses three policies: p=none (monitor only), p=quarantine (junk), and p=reject (drop). Microsoft, Google, Yahoo, and PCI-DSS now require DMARC for bulk senders.

How to publish a DMARC record for your domain (with example)

Your browser does not support the audio element.

[ Download episode](https://media.mailhop.org/duocircle/images/2024/06/A-Guide-To-Publishing-DMARC-Records-For-Your-Domain-Summary.mp3) 

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fdmarc%2Fa-guide-to-publishing-dmarc-records-for-your-domain%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=How%20to%20publish%20a%20DMARC%20record%20for%20your%20domain%20%28with%20example%29&url=undefined%2Fblog%2Fdmarc%2Fa-guide-to-publishing-dmarc-records-for-your-domain%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fdmarc%2Fa-guide-to-publishing-dmarc-records-for-your-domain%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fdmarc%2Fa-guide-to-publishing-dmarc-records-for-your-domain%2F&title=How%20to%20publish%20a%20DMARC%20record%20for%20your%20domain%20%28with%20example%29 "Share on Reddit") [ ](mailto:?subject=How%20to%20publish%20a%20DMARC%20record%20for%20your%20domain%20%28with%20example%29&body=Check out this article: undefined%2Fblog%2Fdmarc%2Fa-guide-to-publishing-dmarc-records-for-your-domain%2F "Share via Email") 

![Publishing DMARC Records](https://media.mailhop.org/duocircle/images/2024/06/sender-policy-framework-6712.jpg) 

[DMARC](/email/dmarc), or Domain-based Message Authentication, Reporting, and Conformance, is an email authentication protocol that **protects your domains** from being misused by cyber attackers and improves [email deliverability](/a-guide-on-email-deliverability) to ensure that your emails reach their intended recipients instead of landing in their spam folders.

There was a time when DMARC authentication was considered a “best practice” for your [email security](/) strategy, but now, considering how cyber threats have evolved, it has become an **obligatory measure** for organizations.

In fact, now [Microsoft](https://www.helpnetsecurity.com/2023/10/09/microsoft-365-bulk-email/), along with [Google and Yahoo](/email-services/google-yahoo-mandatory-to-deploy-dmarc-for-more-than-5000-daily-emails/), have made it **mandatory** for organizations to implement DMARC. _Thanks to these radical measures by the ESPs (Email Service Providers), the adoption and implementation of DMARC have significantly increased_. 

When we speak of DMARC authentication, an important aspect of this strategy is creating and publishing efficient [DMARC records](/resources/create-dmarc-records) in your DNS (Domain Name System). A DMARC record is a TXT record, which **gives instructions** on how emails that fail authentication should be treated by the mail servers. 

In this article, we will take you through the basics of DMARC records and the process of **creating and publishing** them.

## What is a DMARC Record?

A DMARC record is a [DNS TXT record](https://www.cloudflare.com/learning/dns/dns-records/dns-txt-record/) that initiates communication between the incoming server and the receiving server. It confirms at the recipient’s end that the email truly came from your domain and ensures that it **hasn’t been tampered** with.

[![Benefits DMARC Checks](https://media.mailhop.org/duocircle/images/2024/06/sendgrid-alternative-1.jpg)](https://media.mailhop.org/duocircle/images/2024/06/sendgrid-alternative-1.jpg)

_It also provides instructions on **how email servers should handle emails** that fail [SPF](/content/spf-record-check) (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) authentication checks._ For the emails that fail preliminary authentication checks, the DMARC record specifies what actions to take, i.e. whether to let them in, push them into spam, or reject them altogether. This is achieved through three policies, **p=none, p=quarantine, and p=reject**. 

If you configure your email-sending domain at “**p=none**,” your DMARC record will look something like:

v=DMARC1; p=none; rua=mailto:[dmarc@example.com](mailto:dmarc@example.com)

This means that **no action will be taken** for emails that fail the authentication tests. Instead, the reports will be sent to the given email address. _This allows email traffic to be monitored and analyzed without the delivery of emails being affected_.

## Do You Really Need a DMARC Record?

The simple answer to this is- **absolutely yes**! Now that DMARC has become a mandatory requirement, it’s a no-brainer that you need a DMARC record to protect your domain and enhance your email security. But wait, there is more to it than just compliance. 

Here are a few reasons why you should consider adding a DMARC record to your DNS:

### To Achieve Seamless Authentication

As you know, enforcing DMARC can help you achieve authentication by aligning SPF and [DKIM](/resources/what-is-dkim). _The foundation of this **seamless DMARC implementation** lies in the DMARC record, which coordinates and enforces the alignment of these authentication methods_. By specifying how emails should be handled if they fail SPF or DKIM check, the TXT record ensures that your emails are well perceived by the recipient’s mail server. 

### To Protect Your Brand from Cyberattacks

[Cyberattacks](https://edition.cnn.com/2024/02/28/tech/cyberattack-health-insurance-doctors-therapists/index.html) like phishing and spoofing are more frequent and severe than ever! This means that you can no longer be laid back about executing your email security strategies, and this is where DMARC emerges as a **critical defense**.

Implementing DMARC with a well-established DMARC record can help you effectively prevent cybercriminals from using your brand to deceive customers and stakeholders. This not only keeps grave cyberattacks like phishing, spoofing, and [ransomware](https://www.bbc.com/news/articles/c3g5r9g45n4o) at bay but also **reinforces trust** and security in your email communications.

### Improves Email Deliverability

Creating an efficient and secure email ecosystem isn’t just about preventing [phishing attacks](https://thehackernews.com/2024/06/moreeggs-malware-disguised-as-resumes.html) but also ensuring that your emails are more likely to be delivered to the intended recipients’ inboxes rather than being marked as spam. _With DMARC in place, **you can rest assured** that your emails are authenticated properly, increasing their chances of passing [spam filtering](/email/spam-filtering)._ To make this happen, DMARC records instruct email servers on how to handle emails that fail SPF and DKIM checks. 

### To Gain Visibility into Email Traffic

Another way to keep your [email authentication](/resources/email-authentication) secure is to monitor your email traffic. This is where DMARC comes in! By implementing DMARC, you can **receive detailed reports** on the emails sent from your domain, including information about those that fail SPF and DKIM checks.

Keeping track of how your email authentication systems are performing can tell you about the **effectiveness** of your current [DMARC policies](/resources/dmarc-policy) and indicate if you need to update your DMARC records. 

### To Comply with Industry Standards

Major email providers like Microsoft, Google, and Yahoo now require organizations that send [bulk emails](https://sendpulse.com/support/glossary/bulk-email) to implement DMARC. That’s not all! _If your organization handles [cardholders’ data](https://www.pcisecuritystandards.org/glossary/cardholder-data/) and undertakes financial transactions, you must comply with the [Payment Card Industry Data Security Standard (PCI-DSS) requirements](https://www.techtarget.com/searchsecurity/definition/PCI-DSS-Payment-Card-Industry-Data-Security-Standard), which again, mandate DMARC implementation starting in **March 2025**_. 

This was all about the domains used to send emails. But what about those that aren’t used for sending emails? Should those have DMARC records? Yes! If you want to prevent threat actors from [misusing your domains](https://www.scmagazine.com/news/microsofts-quick-assist-used-in-scam-to-drop-black-basta-ransomware), **you should definitely have DMARC** records set up for them with policies set to “p=reject” so that the recipients’ servers outrightly reject the emails that fail SPF and DKIM authentication tests. 

## How to Generate a DMARC Record?

As you already know, **DMARC works closely with SPF and DKIM**, so you need to configure these protocols before you can head on to DMARC. 

Assuming that you have SPF and DKIM in place, you are all set to configure a DMARC record for your domain(s). Here’s how you can do it:

### Enter the DMARC Record Details

Once you have decided on how lenient or strict you want your [DMARC enforcement](/dmarc/understanding-dmarc-percentage-tag-for-advancing-policies/) to be, log into your DNS hosting provider and create a **new TXT record**. If you have an existing TXT record, you can go on to edit it. 

### Add Host Value

The next step is to enter **‘\_DMARC’** which is the value that your [DNS hosting provider](https://en.wikipedia.org/wiki/DNS%5Fhosting%5Fservice) will append your domain to. If you have a subdomain, enter **‘\_dmarc.subdomain’**

### Add Additional Value Information

Your DMARC DNS record has only two required tags, “v” and “p.” Here, “v” has the tag value of ‘v=DMARC1’. For [the ‘p’ tag](https://dmarc.org/overview/), it can be set to **none, quarantine, or reject**. 

If you start creating a new DMARC record, it is recommended that you begin with “p=none” and **gradually move up to a stricter policy**, that is, “p=reject.” Doing this gives you the leeway to monitor and gather data on how your emails are being handled without affecting email delivery. _It also helps you identify and troubleshoot any issues with SPF and DKIM configurations_.

Other things to keep in mind while adding the ‘value’ information are:

- Out of all the DMARC TXT tags, it is **compulsory to configure the ‘v’ (version) and ‘p’ (policy) tags**, whereas you can skip the ‘rua’ (aggregate reports) tag.
- Each tag should be **separated by a semicolon** (**;**).
- Use a comma to distinguish between the ‘rua’ and ‘ruf’ tags that support multiple email addresses.
- You can add multiple **advanced or optional tags** like ‘ruf,’ ‘rf,’ ‘aspf,’ and ‘adkim,’ but only in the later stages.

### Save the Record

After you are done adding all the essential information to the DMARC record, **click the ‘Save’** or ‘Submit’ button to generate it.

### Validate the DMARC Record

[![breach or cyberattack](https://media.mailhop.org/duocircle/images/2024/06/spf-validator-8324.jpg)](https://media.mailhop.org/duocircle/images/2024/06/spf-validator-8324.jpg)

_The final step in creating and publishing your DMARC record is to verify it with a [DMARC record checker](/content/spf-record-check/dmarc-record-check) to ensure the record has the correct values, formatting, configurations, and syntaxes_. This simple step ensures that your DMARC record is implemented correctly and that there are **no loopholes** that could potentially lead to a [breach or cyberattack](https://thecyberexpress.com/inc-ransom-claims-controlnet-cyberattack/). 

Feeling overwhelmed by all the complicated steps that you need to follow to create a DMARC record? With a [DMARC record generator](/resources/dmarc-record-generator), you can simplify the entire process and **easily create accurate DMARC records** without needing extensive technical knowledge.

## What’s Next?

It is important to understand that simply creating and publishing a DMARC record in your DNS will not mitigate the [risks of scammers](https://www.monash.edu/cybersecurity/awareness-and-training/risks) attacking your domain unless you focus on DMARC enforcement. For effective DMARC enforcement, **trust DuoCircle**! 

Our **end-to-end DMARC solutions** are tailored to fit your organization’s needs and security posture. With DuoCircle by your side, you don’t have to worry about keeping your domain safe from email impersonators. _We will take care of everything right from DMARC setup to ongoing monitoring and adjustment._

Here’s how we can help:

- Comprehensive [DMARC aggregated & forensic reports](/resources/dmarc-aggregate-report)
- Gradual enforcement of DMARC policies
- Continuous monitoring and maintenance
- **Tracking DNS changes** and updates
- Expert support and guidance

## Get Started with DuoCircle

Are you ready to enhance your email security with DuoCircle’s DMARC solutions? [Contact us](/get-a-quote) today to learn more about how we can help you protect your domain from [email spoofing](https://www.scmagazine.com/news/fbi-warns-of-email-spoofing-by-north-korean-threat-actor-kimsuky) and phishing attacks. Let us handle the complexities of DMARC enforcement while you **focus on running your business** with peace of mind.

## Topics

DMARCemail securityUpdates 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  DMARC 5m  A Guide to Advancing DMARC Policies for Enhanced Email Deliverability  Jan 19, 2024 ](/blog/dmarc/a-guide-to-advancing-dmarc-policies-for-enhanced-email-deliverability/)[  DMARC 5m  How to check DMARC compliance for any domain  Jun 25, 2024 ](/blog/dmarc/a-guide-to-checking-dmarc-compliance/)[  DMARC 6m  A guide to detecting DMARC problems using the pentesting techniques  Oct 3, 2024 ](/blog/dmarc/a-guide-to-detecting-dmarc-problems-using-the-pentesting-techniques/)[  DMARC 6m  Limitations of DMARC For Fortifying Email Phishing in 2024!  May 24, 2024 ](/blog/dmarc/dmarc-limitations-for-fortifying-email-phishing-in-2024/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"How to publish a DMARC record for your domain (with example)","description":"Publish a DMARC record for your domain in 5 minutes: pick a policy, build the TXT value, add it at your DNS host, and verify with a DMARC record checker.","url":"https://www.duocircle.com/blog/dmarc/a-guide-to-publishing-dmarc-records-for-your-domain/","datePublished":"2024-06-12T21:12:18.000Z","dateModified":"2025-08-25T12:30:38.000Z","dateCreated":"2024-06-12T21:12:18.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/dmarc/a-guide-to-publishing-dmarc-records-for-your-domain/"},"articleSection":"dmarc","keywords":"DMARC, email security, Updates","wordCount":1497,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2024/06/sender-policy-framework-6712.jpg","caption":"Publishing DMARC Records","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"DMARC"},{"@type":"ListItem","position":3,"name":"How to publish a DMARC record for your domain (with example)","item":"https://www.duocircle.com/blog/dmarc/a-guide-to-publishing-dmarc-records-for-your-domain/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"DMARC","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"How to publish a DMARC record for your domain (with example)","item":"https://www.duocircle.com/blog/dmarc/a-guide-to-publishing-dmarc-records-for-your-domain/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"How to publish a DMARC record for your domain (with example)","description":"Publish a DMARC record for your domain in 5 minutes: pick a policy, build the TXT value, add it at your DNS host, and verify with a DMARC record checker.","url":"https://www.duocircle.com/blog/dmarc/a-guide-to-publishing-dmarc-records-for-your-domain/","datePublished":"2024-06-12T21:12:18.000Z","dateModified":"2025-08-25T12:30:38.000Z","dateCreated":"2024-06-12T21:12:18.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/dmarc/a-guide-to-publishing-dmarc-records-for-your-domain/"},"articleSection":"dmarc","keywords":"DMARC, email security, Updates","wordCount":1497,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2024/06/sender-policy-framework-6712.jpg","caption":"Publishing DMARC Records","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```