Skip to content
English
Contact us
  • There are no suggestions because the search field is empty.

DMARC — Domain-based Message Authentication Reporting and Conformance

DMARC — Domain-based Message Authentication Reporting and Conformance

As of February 2024, Google and Yahoo require a valid DMARC record for anyone sending more than 5000 emails in a single day. These must be set up before you can start sending emails with Echobox and should be configured during your onboarding.

What is DMARC?

DMARC (Domain-based Message Authentication Reporting and Conformance) authenticates emails by aligning SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail). You can set up your DMARC record (also known as a policy) to inform email recipients what to do with emails that fail to pass some or all of the authentication methods you have configured (such as DKIM). It is a workflow you configure for your domain as to what should happen with suspected fraudulent email. A DMARC record is a text entry within your DNS records that declares the policy to use after checking SPF and DKIM statuses for an email. For DMARC to work, you need to:

  • Have valid DKIM record in your DNS, ideally both.
  • Publish your DMARC record in your DNS registry

A DMARC record can optionally tell email recipients to send reports back to you, as specified in the DMARC record. These can provide you with insights into the journeys your emails take, which can help you identify problems with delivery early and confirm that no one is fraudulently impersonating you. 

Important Note: Any changes made to your DNS records are done at your own risk.

How to set up DMARC

If you don't already have a DMARC record we recommend a gradual roll out. Your initial DMARC record should be 'relaxed' with no enforcement, following this guide - https://support.google.com/a/answer/10032473?hl=en&fl=1&sjid=13333010916474377396-NA

For Echobox purposes you must have completed at least step "1. Start with a relaxed DMARC policy" in this guide.

Subdomains

  • If you don’t create specific DMARC policies for subdomains, they inherit the parent domain’s DMARC policy.
  • You can check if your DMARC is working and set up properly with some online tools.
  • It can take up to 48 hours for your record to update, depending on your DNS host.