DMARC records are a type of DNS record that is used by the recipients (receiving) mail server to check how strictly it wants the sender to scrutinise the server from which the email was sent from.

This is will vary greatly between organisations, a Bank would want messages not sent from it’s mail-servers to go to the recipient’s spam folder. While a small blog that might not have set up its email server correctly will want every chance for the email to end up in the recipient’s mailbox.

The advantage of having these records is your assisting the receiving server know if your domain sent the email (which reduces spam to their customers) and if setup helps minimise or alert you to someone spoofing emails under your domain.

For the most part DMARC records are optional, but are becoming strongly encouraged, particularly when sending to large organizations such as governments or financial institutions. Most providers WILL-NOT add a cPanel DMARC record for you.

If using cPanel for your DNS, these records are very easy to add-in.

1. Open up the Zone Editor tool in cPanel

2. Click Manage beside the domain you wish to add the record on

3. In the ‘Add Record’ menu, select ‘Add DMARC Record’

4. Configure how you want the DMARC record settings

  • Policy: On a failure, what should the receiving server do (ignore the failure, Quarantine or mark it as spam, reject & bounce it)
  • Subdomain Policy: Should this apply to emails on subdomains, ie ‘[email protected]’?
  • Percentage: Do you want the server to perform these rules on all mail? With new rules often it is good to start from ~10% and increase it to 100% once tested
  • Generate Failure Reports When: Do you want a report for every single failure?
  • Report Interval: How often should recipient servers send reports, by default this is 24 hours. If you sent 1000 emails to gmail, they would bundle up and email you a report every 24 hours if they received mail from you.
  • Send Aggregate Mail Reports to: email address to receive the bulk reports, it is recommended this not be your main email address.
  • Send Failure Reports To: email address to be immeditely notified if a failure occours.

An example of a basic DMARC record that will not impact email deliverability

5. Click Save and verify the record added

6. You can check your cPanel DMARC record has been added by using the following DMARC Checker Tool

Leave a Reply

Your email address will not be published.