What is and how to create a DMARC Profile

Do you ever look in your spam folder and see emails from a brand, but then look more closely and see that they are actually phishing emails? 

How was your email server able to determine that it wasn't the brand that sent the email and why did it end up in your spam folder?

This is partly due to a form of email authentication known as Domain-based Message Authentication, Reporting, and Conformance or DMARC for short.

There is code in every email's headers that allows a conversation between the sending email server and the receiving email server to exchange information about who is sending the email and who should be receiving the email. 

More importantly, in a world full of SPAM and phishing, the information about who is sending the email has secret codes that verify the sender using the Domain Naming System or DNS records.

A or DMARC TXT record is an entry in your domain's DNS records that tells a recipient's email server what to do if an email fails this authentication. 

When a DMARC TXT record is in a place, Gmail, Yahoo, or whatever service is being used knows whether to:

  1. Do nothing
  2. Quarantine the email (send it to the spam folder)
  3. Reject the email

How to Create a DMARC TXT Entry

As with DKIM and SPF, FeedBlitz Support cannot create DNS records on your behalf. You must contact your provider if you need support.

Additionally, prior to creating a DMARC TXT entry, you must already have DKIM and SPF in place.

A DMARC entry can have up to 11 tags included. However, only two are required, and here at FeedBlitz, we suggest you keep it simple as you get started. You can learn more about DMARC at MXToolbox, an excellent resource for deliverability education.

You will create a name for your entry. The name should be _dmarc.yourdomain.com . Please note that "yourdomain" is a placeholder for your actual domain or subdomain. 

The type of your entry is TEXT.

Your entry has tag value pairs separated with semicolons. This entry must have a v and a p tag.

V is the version tag. You are responsible for creating and tracking the versions of the entries you create. We suggest keeping it simple, something along the lines of v=DMARC1; to start.

P is the second required tag and is the policy tag. This tag tells service providers what to do with emails that fail authentication checks. Your choices are:

  1. none
  2. quarantine
  3. reject

When you enter your tag value pairs into your record, it is very important to ensure you do not have typos and that you use straight quotes and not curly quotes to prevent creating errors. 

A minimal DMARC entry set to tell providers to send emails that fail SPF or DKIM to the spam folder would look like:

"v=DMARC1; p=quarantine;"

There are 11 total tags that can be included in a DMARC profile. Try to keep your profile as simple as possible.

We do recommend including the pct tag Start with a low value, like 1. You do not need to include a % symbol. Once you have confirmed that your authentication has been set up correctly, you can increase your percentage. Remember to include the semicolon after the value. pct=1;

And that is how to create a DMARC TXT entry. As always, if you have any questions, please don't hesitate to let us know. You can find all of our great support resources and how to get in touch with us via email, chat, or phone on our Support Page

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.