The sender domain does not have a DMARC record

Owned by Product team
Dec 19, 2023
2 min read

We have detected that your domain does not have a DMARC record. 

Although this is not a technical error, the lack of a DMARC record is considered a penalization for the inbox delivery of your e-mails.

In fact, ISPs and Mailbox Providers now consider DMARC to be a key factor in the security and authenticity of emails.

What to do

The easiest way to have a DMARC record is to activate a DMARC policy in observation mode.

The observation mode (policy p=none) has no impact on the regular flow of emails.

Since your domain does not have a DMARC record at this time, you can implement it in observation mode by configuring the following record in your DNS:

Name: _dmarc.domain.tld.

Type: TXT

Value: v=DMARC1; p=none

If you are already considering implementing the DMARC record in your company, you can replace this temporary p=none record with the configuration proposed by your technicians.

 

What is DMARC

In a nutshell, DMARC allows the owner of a domain, who is also the sender of email messages, to ask email providers not to deliver unauthorized messages that appear to come from their domain.

This mechanism is useful for preventing phishing and spoofing attacks.

From a technical point of view, DMARC (Domain-based Message Authentication, Reporting & Conformance) is a system based on DKIM and SPF authentications that helps receiving servers (e.g. Gmail, Yahoo, Libero) know what to do when a message cannot be authenticated. It does this by allowing the sender of an email to publish a 'policy' on which mechanism (SPF, DKIM or both) is used to send email and to instruct the receiving servers on how to handle any authentication problems (monitor, spam or reject messages).