Domain-based Message Authentication, Reporting, and Conformance (DMARC) records are configured as format-specific TXT records and are what define a domain’s email authentication policies. This record type helps shield both email recipients and senders from threats such as email spoofing, phishing, and spam. While not a protocol themselves, DMARC records provide instructions for mail servers on how to interact with communication coming to and from a domain.
A DMARC record looks like this (depending on the tags used for your specific configuration):
v=DMARC2; p=quarantine; ;rua=mailto:email@example.com; pct=100
Other optional tags for DMARC records:
DMARC records are used as a means of email authentication and are what servers go by to determine whether a DNS message should be quarantined or rejected, or if it is safe for the message to be delivered. You can also enable DMARC records to send reports of the actions taken by mail servers upon policy framework, DomainKeys Identified Mail (DKIM), and DMARC authentication failure.
Including a pct tag allows you to do slow rollouts of DMARC implementations. Specifying a percentage of emails to filter lets domain administrators monitor configurations and check for errors for certain mailstreams. Once satisfied, the percentage can be increased to 100 or the tag can be removed entirely.
1. Log into Constellix and Select Domain
Log into Constellix. Once in the dashboard, select your domain from the Recently Updated Domains list or search for the domain in the top-left search bar.
2. Expand TXT Record Options
After selecting the domain that needs the DMARC TXT record, you will be taken to the Records page. If you have not configured any TXT records for this domain yet, click the green + icon beside TXT Record (SPF) to expand options, otherwise skip to step 3.
3. Add a TXT Record
Once options are expanded, click the green + icon to create your TXT Record (SPF) record.
4. Enter DMARC TXT Record Values
You should now see the Add TXT Record pop-up window.
Fill out the values using DMARC-specific formatting:
a) Name: In this field, specify that the TXT record contains a DMARC policy by entering _dmarc.
b) TTL: Time to Live (measured in seconds) determines how long a record is cached in resolvers.
Visit our What is TTL resource for more information and best practices for TTLs.
c) Disable Record: With this feature, you are able to remove records from our nameservers without removing the record configuration in the Constellix DNS control panel. See our Disabling a Record tutorial for more information.
d) Value: Add necessary information in this field, including DMARC version (DMARC1), policy tag (p), and rua tag (for email reporting, as noted in the example above).
e) Notes: This section is helpful for adding notes with keywords so that you can easily search for specific records later (optional but recommended).
f) Save: Tap the green Save and Close button.
Visit our website for more information on our services and features.