Domain-based Message Authentication, Reporting & Conformance (DMARC) is a standard email authentication method that helps you prevent hackers from spoofing your organization for malicious purposes and allows you to limit sent emails to those authenticated by your organization. DMARC's most basic function is to tell receiving email servers what to do with outgoing messages from your domain that don’t pass the Sender Policy Framework (SPF) or Domain Keys Identified Mail (DKIM) checks. Setting up DMARC also allows you to generate reports to make sure your emails aren't being spoofed.
Refer to the sections below to verify and configure your DMARC settings.
Verify DMARC Configuration
Usually, your domain's DMARC policies are set by your IT rep or domain/mail administrator, but you can also check them yourself with a tool like MX Toolbox.
Within MX Toolbox, enter your domain name in the search bar and click DMARC Lookup.
The Result column shows your current DMARC configuration.
You have now verified your DMARC configuration.
Enable DMARC for Your Domain
If you've followed the steps above and found a DMARC record, there is no need to enable or configure it any further. If the tool did not find a record, refer to the steps below to enable DMARC.
Enabling DMARC for your domain ultimately depends on your domain or email provider. Some popular providers include Google Workspace and Microsoft Office 365. If you use either of these providers, you can refer to links below to confirm the settings and enable DMARC.
- Google Workspace:
- Office 365:
Fix Other Possible Spam Issues
DMARC policies are only one part of making sure your emails are being delivered. You should also set up Sender Policy Framework (SPF) records and Domain Keys Identified Mail (DKIM) to further validate your organization's domain and prevent email bounces.