Create a secure DMARC record to safeguard your domain against spoofing and phishing threats.
Follow the steps to create a customized DMARC record for your domain
Please provide the domain for which you'd like to generate a DMARC record
Improve email security with DMARC Generator
DMARC uses SPF and DKIM to authenticate the sender. SPF verifies the IP address and DKIM verifies the cryptographic signature. Alignment is introduced to ensure that SPF and DKIM domains match the From header, preventing email spoofing and improving overall authentication reliability.
DMARC provides flexible policies for authentication failures, allowing owners to choose "none," "quarantine," or "reject" to defend against malicious email. Its phased deployment starts with monitoring and systematically progresses to more stringent measures.
DMARC produces aggregate reports (rua) summarizing authentication activity and forensic reports (ruf) providing detailed insights into specific email failures, aiding domain owners in prompt issue resolution and continuous improvement.
DMARC reduces the risk of phishing attacks by ensuring that only legitimate email from authorized sources is associated with a domain. It protects brand reputation by preventing unauthorized use of the domain in phishing attempts.
This tag specifies the DMARC version in use. Always set to "DMARC1".
Defines the policy for handling email for the domain. Can be "none" (monitor), "quarantine" (spam folder), or "reject" (block email).
Specifies an email address to receive aggregate DMARC reports (XML files) containing information about authentication results.
Specifies an email address to receive forensic (failed) DMARC reports with detailed information about individual failed authentication attempts.
Allows specifying a different policy for subdomains. Can take the same values as the p tag (none, quarantine, reject).
Specifies how DKIM should handle the match between the From header domain and the DKIM-signed domain. Can be "s" (strict) or "r" (relaxed).
Specifies whether SPF should strictly ("s") or loosely ("r") match the From header domain to the SPF-authenticated domain.
Percentage of emails subject to filtering. Useful for gradually rolling out DMARC policies. Range: 1-100, default is 100.
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol. It helps prevent email spoofing and phishing by allowing domain owners to specify how their emails should be authenticated and what actions should be taken if authentication fails.
Yes! DMARC enhances email security by building on existing authentication standards such as SPF and DKIM. It allows domain owners to set email authentication policies and instructs email recipients how to handle messages that fail authentication, significantly reducing the risk of fraudulent email.
Key benefits include significant reduction in phishing attacks, improved email deliverability, increased trust in email communications, and better visibility into your email authentication. DMARC helps protect your brand reputation by ensuring only legitimate email is associated with your domain.
Start by publishing a DMARC record in your domain's DNS settings. Begin with a "p=none" policy for monitoring to assess the impact on your email flow. Gradually move to "p=quarantine" and finally "p=reject" as you gain confidence in your email authentication setup.
If legitimate email is affected, check your DMARC policy and alignment settings. Ensure your SPF and DKIM configurations are accurate and aligned with your DMARC policy. Review DMARC reports regularly for insights into authentication failures and adjust your settings accordingly.
Before implementing DMARC, ensure you have both SPF and DKIM records properly configured for your domain. DMARC builds on these authentication methods, so they must be in place first. Use our SPF and DKIM generators and checkers to set these up.
Test your DMARC record after creating it
Create SPF records for your domain
Validate your DKIM signature configuration
Get automatic email warmup, deliverability monitoring, and powerful outreach tools with DitLead.
Start Free Trial