How to set up a DMARC record on your sending domain?

The final step to optimize the deliverability of your messages, and protect yourself from spoofing, is to publish a DMARC record on your sending domain.
If you don't want to bother with these technical considerations, a simple solution is to reserve a domain name with us:  
How and why register a domain name with OxiMailing?
All the domains we handle are automatically configured with everything you need for optimal deliverability.

If you prefer to use a domain name that you already own as a sender domain, then please continue reading this article.
In the remainder, we will use the domain mydomain.com as an example. This process must be undertaken by your email administrator because he alone has total control of your infrastructure.

DMARC is used to fight spoofing.
The article below by BadSender describes very well how to deploy a DMARC record:
https://www.badsender.com/en/2017/06/27/delivrability-email-implementer-dmarc-protect-your-domains/ 

These articles from Google and Yahoo demonstrate the need to implement DMARC for optimal deliverability:
https://support.google.com/a/answer/14229414
https://senders.yahooinc.com/best-practices/
https://senders.yahooinc.com/faqs/

Once the DMARC record has been published on your domain name, you will receive daily reports by email from Gmail, Yahoo Microsoft, etc. indicating the quantity of messages received from mydomain.com by sending IP. If unknown IPs appear in the reports (with DMARC "fail"), this could mean two things:

  • either your domain is used without your knowledge by malicious senders
  • or you yourself have forgotten a legitimate sending channel used by mydomain.com, in which case you need to adapt your SPF record and/or add the appropriate DKIM keys.

To be on the safe side, we recommend initially choosing a "none" policy:

_dmarc.mydomain.com.    IN      TXT     "v=DMARC1; p=none; rua=mailto:abuse@mydomain.com"

We assume that the abuse address exists, if this is not the case, enter an address that exists. By convention, it is highly recommended to be reachable at the abuse and postmaster addresses for anything relating to spam/abuse issues.

Secondly, switch to a “quarantine” policy (classification as spam) to be applied to 20% of messages received:

_dmarc.mydomain.com.    IN      TXT     "v=DMARC1; p=quarantine; pct=20; rua=mailto:abuse@mydomain.com"  

Once you have validated the fact that the other sending IPs do not belong to you, you can switch to a "reject" policy (pure and simple rejection) by gradually increasing the percentage, until reaching 100%..   

_dmarc.mydomain.com.    IN      TXT     "v=DMARC1; p=reject; pct=100; rua=mailto:abuse@mydomain.com"

Please feel free to contact our technical support if you need assistance setting up your DMARC record.

You cannot comment on this entry