DMARC Record Generator

DMARC Record Generator

?

The domain name for which you are creating or modifying a DMARC record. You can enter a single domain or a comma separated list of domain names.

Check the record above or choose the settings below and we’ll generate a record for you in the correct format.

How strict do you want your DMARC Policy to be?

?

DMARC specifies 3 different possible policy actions to assign to messages which fail DMARC checks. If you are new to publishing a DMARC policy, you should begin with a policy of Monitor only (p=None) so that you can collect and analyze data without affecting your email traffic.

  • None – (most lenient) Tells receivers to take no special action on failing messages, but send DMARC data to the specified reporting addresses.
  • Quarantine – (more strict) Tells receivers to place messages which fail DMARC into the recipient’s spam folder or other quarantined area where the message may be reviewed with suspicion.
  • Reject – (most strict) Tells receivers to reject any messages which fail DMARC and report on the action in DMARC data. Rejected messages will never be available to the recipient.
Do you want a different policy to be applied to Sub-domains?

?

By default, a domain’s DMARC policy applies to all of its sub-domains. DMARC allows you to apply a different policy to sub-domains if you wish; however, whichever sub-domain policy you specify will apply to all sub-domains. If you want a different policy for specific sub-domains, publish a DMARC record specifically for that sub-domain.

DMARC specifies 3 different possible policy actions to assign to messages which fail DMARC checks. If you are new to publishing a DMARC policy, you should begin with a policy of Monitor only (p=None) so that you can collect and analyze data without affecting your email traffic.

  • None – (most lenient) Tells receivers to take no special action on failing messages, but send DMARC data to the specified reporting addresses.
  • Quarantine – (more strict) Tells receivers to place messages which fail DMARC into the recipient’s spam folder or other quarantined area where the message may be reviewed with suspicion.
  • Reject – (most strict) Tells receivers to reject any messages which fail DMARC and report on the action in DMARC data. Rejected messages will never be available to the recipient.
Which DKIM Identifier alignment option should be used?

?

Relaxed alignment allows for the DKIM signing domain and header from domain to be sub-domains of each other. Strict alignment requires the two domains be an exact match.

Which SPF Identifier alignment option should be used?

?

Relaxed alignment allows for the DKIM signing domain and header from domain to be sub-domains of each other. Strict alignment requires the two domains be an exact match.

What Percentage of email do you want to apply this policy to?

?

The percentage of messages from the domain for which the policy will be applied. For example, if you specify a “reject” policy and 50%, then the reject policy will only be applied to a random 50% of the messages failing DMARC Authentication by the receiver.

Generate Failure Reports When

?

You can instruct DMARC receivers under which failure conditions you would like to receive forensic reports.

Which Report Format option should forensic reports be sent in?

?

While the DMARC specification allows both AFRF and IODEF formats for foresnix reports, currently the only format sent by DMARC receivers is AFRF.

How often should aggregate reports be sent?

?

While the DMARC specification allows you to request DMARC aggregate reports in different time intervals, in reality all current DMARC implementations only send reports in 24 hour increments.

Where do you want Aggregate Reports mailed to?

?

DMARC aggregate data about messages from this domain will be emailed to used email.

Where do you want Forensic Data to be mailed to?

?

Samples of messages failing either DMARC-SPF or DMARC-DKIM will be emailed to used email if the email receiver supports this feature of the DMARC specification.