Do I need a DMARC record for my website?

You need DMARC if you send emails from your domain, especially newsletters or bulk emails. Google and Yahoo require it for bulk senders.

What happens if I set the policy too strict initially?

You might block legitimate emails from reaching recipients. Always start with p=none to monitor before moving to quarantine or reject.

Where exactly do I add the DMARC record?

Add it as a TXT record with the name "_dmarc" (not @ or your domain name). The record goes at _dmarc.yourdomain.com.

How long does it take for DMARC to work?

DNS changes take up to 48 hours to propagate. Email providers may take additional time to start applying your DMARC policy.

Can I use DMARC without SPF?

No, DMARC requires either SPF or DKIM (or both) to work properly. Set up SPF first before adding DMARC.

What email address should I use for DMARC reports?

Use any email address you can access regularly, like dmarc@yourdomain.com or admin@yourdomain.com. You'll receive XML reports about email activity.

Will DMARC affect emails sent from my website's contact form?

DMARC primarily affects emails sent directly from your domain. Contact forms usually send through your hosting provider's mail system and shouldn't be affected.

What is a DMARC Record and How to Set One Up

This guide explains what a DMARC record is and how to set one up to protect your email from being used by spammers.

What is a DMARC Record?

DMARC (Domain-based Message Authentication Reporting Conformance) is a security feature that helps protect your domain from email spoofing. It tells email providers like Gmail what to do when someone tries to send emails pretending to be from your domain.

A DMARC record is a special DNS record that you add to your domain settings. Google and Yahoo now require DMARC records for anyone sending bulk emails, so you may need one if you send newsletters or marketing emails.

Before You Start

You must have an SPF record set up before adding DMARC. DMARC works alongside SPF to verify your emails are legitimate.

How to Set Up Your DMARC Record

Step 1: Choose Your DMARC Policy

Start with the "monitor only" policy. This lets you see what's happening without blocking any emails:

p=none - Monitor only (recommended to start)
p=quarantine - Send suspicious emails to spam folder
p=reject - Block suspicious emails completely

Step 2: Create Your DMARC Record

Your basic DMARC record should look like this:

v=DMARC1; p=none;

To receive reports about email activity, add your email address:

v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com

Step 3: Add the Record to Your DNS

For Web60 customers with DNS management:

Go to your Web60 dashboard
Navigate to DNS Records
Click "Add Record"
Set Type to "TXT"
Set Name to "_dmarc" (not @ or your domain name)
Set Value to your DMARC record (e.g., "v=DMARC1; p=none;")
Save the record

For customers using their own DNS provider:

Log in to your DNS provider (where you manage your domain)
Find the DNS records section
Add a new TXT record
Set the name/host to "_dmarc"
Set the value to your DMARC record
Save the changes

Step 4: Test Your DMARC Record

Use the DNS Health tool to check if your DMARC record is working correctly. DNS changes can take up to 48 hours to update everywhere.

Step 5: Monitor and Adjust

Start with "p=none" for several weeks to monitor email activity. Once you're confident everything is working correctly, you can gradually increase protection:

Change to "p=quarantine" after 2-4 weeks
Change to "p=reject" after another 2-4 weeks if no issues occur

Common DMARC Record Examples

Basic monitoring:

v=DMARC1; p=none;

With email reports:

v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com

Quarantine suspicious emails:

v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com

If you're having trouble setting up your DMARC record or need help with DNS configuration, contact Web60 support for assistance.