A Quick Guide On DMARC Policy & How You Can Set Up DMARC For Your domain in 3 Simple Steps
What a DMARC policy is and how you can implement it correctly.
DMARC is an email authentication standard that is highly recommended for your business domain. With the help of DMARC email authentication (which comprises SPF and DKIM protocols), the receiving mail systems/service providers can recognize the emails that are not sent from approved domains. It then commands the receiving system to take the necessary actions against these emails thereby, preventing all sorts of phishing attacks and keeping your domain safe.
These actions can be of three types – None, Quarantine, and Reject. Below, we discuss the concept of these DMARC policies in brief:
Table of Contents
Types Of DMARC Policies: An Outline Of The Entire Concept
There are three policies that may be adopted, according to how the receiving mail server handles the email request if SPF and DKIM authentication fail; these are as follows:
- None Policy: The ‘p=none’ policy takes no action against any email:
- Even if the DMARC email authentication (i.e., SPF and DKIM are also not verified) fails to verify the email, it is allowed to land in the mailbox.
- The domain owner is sent a detailed report about the sender(s).
- Quarantine Policy: The ‘p=quarantine’ policy shifts all unverified mails to a separate folder:
- If DMARC does not verify an email, it commands the receiving systems to transfer it into a spam or junk folder.
- After that, the domain owner can analyze whether the emails are fraudulent or authentic and whitelist the verified ones accordingly.
- The domain owner is sent a detailed report regarding all mails that have failed to pass the verification process.
- Reject Policy: The ‘p=reject’ policy rejects all unauthenticated mails.
- If a mail fails the DMARC email authentication, they are straightaway rejected.
- No suspicious email is allowed to land in the inbox of the receiver.
- A detailed report is sent to the domain owner regarding the verification status of all blacklisted mails.
However, one must be careful before implementing the reject policy since it can sometimes blacklist even the authentic ones!
It Just Takes Three Simple Steps To Publish DMARC Records For Your Domain!
To publish a DMARC record and set the right policy for your domain, here are three simple steps that you can follow.
- Generate DNS Records: One can use any freely available tools to generate the right DMARC records for their domain(s).
- Go To Your DNS Provider: Firstly, make sure you have access to your DNS provider (If you have recently bought the domain address for your new business, you can check with your domain registrar.) and search for a control panel where you will be able to edit your DNS records.
- Generate A New TXT Record Value And Add The Following Details:
- Hostname: This must be filled with “_dmarc” (The “_” is crucial to note here, users forget this while adding the value, and this ends up creating a syntax error because of which the right DMARC records are not added.).
- Type/Type of Record: This must be filled with “TXT”
- Value/Value of Record: Here, fill in the value you may have generated in step 1.
Final Words
Creating a DMARC Record and setting the right DMARC Policy only takes a few minutes. However, if you’re still unsure of handling the process yourself, you can use a robust online DMARC tool that will not only help you generate the correct DMARC records for your business domain, but also maintain them for you and provide you with timely reports!
Join the thousands of organizations that use DuoCircle
Find out how affordable it is for your organization today and be pleasantly surprised.
Interested in our Partner Program for MSPs and VARs? Visit Our MSP Partner Program.