To combat ever-rising spoofing and phishing attacks, you need to implement DMARC for your company. Building a DMARC record is the first step in this process.
Building your DMARC record is easier done than said. We will show you how to build a DMARC record in 5 minutes.
Step 1 Identify your business email domain
Identify the email domain you send business emails from. For example, if you use an address
sales@_mycompany.com to send sales emails to prospects, the domain is
Step 2 Create your DMARC record
Log in to the Dmarcly dashboard, then go to DNS Records -> Publish DMARC Record. The default DMARC record has already been created for you in the highlighted area, as below:
Note that there is a section below on the page where you can customize your settings for the DMARC record. The most important setting is the policy which instructs the receiving server how to handle emails that fail DMARC compliance checks.
Here we set the policy to None (p=none) by default, which means we put DMARC in monitoring mode, so that you can examine the percentages of emails that pass/fail DMARC compliance checks.
When in monitoring mode, the receiving server doesn't quanratine/reject failing emails, and everything works just like before from your and your customers' perspectives.
If you are just getting started with DMARC, you can safely ignore these settings for now. You can always come back and change the settings whenever necessary.
Step 3 Publish the DMARC record
In order to put the DMARC record into action, you must publish it to the Domain Name System (DNS).
Here is a refresher on why this is necessary: when an email arrives at the receiving server, the server extracts the domain from the email address, and looks the DMARC record up in the domain's DNS entry. If found, it performs the actions as specified in the DMARC record.
Now log in to your DNS management console, choose the domain you need to publish the DMARC record on, i.e., mycompany.com.
Create a TXT entry on mycompany.com with these settings:
Type: TXT Host: _dmarc TXT Value: (DMARC record created above) TTL: 1 hour
For example, here is what it looks like in GoDaddy's DNS management console:
To publish a DMARC record in CloudFlare:
Now you have it! DMARC aggregate reports on that domain will drip in in a couple of days.
If you have multiple domains you want to secure, repeat the 3 steps for each of the domains.