DMARC (Domain-based Message Authentication, Reporting, & Conformance) is an email verification protocol that confirms that emails are authenticated correctly and are not fraudulent.

How does DMARC work?

When a sender sends an email, the first thing the receiving server does is check whether a DMARC record has been published for the sender's domain. If one has, authentication is performed, and if the message passes, it continues on its way. If it fails authentication, it may be treated as potential spam and rejected or quarantined, according to the record's instructions.

Additionally, recipients' ISPs can send reports so that the sender knows which addresses have been attempting to fraudulently use their domain. This information also serves as a prevention measure for future email deliveries.

How to configure DMARC?

A DMARC policy is a line of text published as a record in the DNS of the domain to be protected. This record indicates what to do when the SPF and DKIM checks fail, so at least one of them must be active for it to work.

The record's parameters indicate the protocol version (v), the action to take for suspicious messages (p), where to send error reports (ruf), and how strictly the domain must align with DKIM and SPF (adkim and aspf, respectively).

An example of a DMARC record could be the following: v=DMARC1;p=quarantine;

Here, it indicates that suspicious messages will be quarantined ("reject" would be for rejecting them, and "none" for taking no action), and the reports will be sent to postmaster@.

Another example, which includes alignment with the other authentication methods, would add the parameters adkim=r;aspf=s to the record. This sets the configuration to "relaxed" for DKIM and "strict" for SPF, meaning that subdomains are accepted in the first case and that, in the second, the email header must exactly match the domain.
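The parameters and alignment modes described above, as an added Python example that is not code from the original page: it parses a record and returns what a receiver would do with a message. The function names, the example.com and unrelated.test domains, and the two-label shortcut for the organizational domain are assumptions; RECORD combines the two example fragments from the text.

```python
VALID_POLICIES = {"none", "quarantine", "reject"}

def parse_dmarc(record):
    """Parse a DMARC record into a tag dict, applying alignment defaults."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record: v must be DMARC1")
    if tags.get("p", "").lower() not in VALID_POLICIES:
        raise ValueError("p must be none, quarantine or reject")
    tags["p"] = tags["p"].lower()
    # Alignment defaults to relaxed when the tag is absent.
    for tag in ("adkim", "aspf"):
        tags[tag] = tags.get(tag, "r").lower()
    return tags

def org_domain(domain):
    # Assumption: the last two labels form the organizational domain.
    # Production code consults the Public Suffix List instead.
    return ".".join(domain.split(".")[-2:])

def aligned(from_domain, auth_domain, mode):
    """Strict ("s") needs an exact match; relaxed ("r") accepts subdomains."""
    a = from_domain.lower().rstrip(".")
    b = auth_domain.lower().rstrip(".")
    return a == b if mode == "s" else org_domain(a) == org_domain(b)

def disposition(record, from_domain, spf=None, dkim=None):
    """spf / dkim: the domain that passed that check, or None if it failed.
    Returns "deliver" when either check passes and aligns, else the policy p."""
    tags = parse_dmarc(record)
    if spf and aligned(from_domain, spf, tags["aspf"]):
        return "deliver"
    if dkim and aligned(from_domain, dkim, tags["adkim"]):
        return "deliver"
    return tags["p"]

# Constructed sample: the page's two example fragments combined.
RECORD = "v=DMARC1;p=quarantine;adkim=r;aspf=s"
```

With this record, an SPF pass for mail.example.com does not align with a header domain of example.com (strict), while a DKIM signature from the same subdomain does (relaxed).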

Why is DMARC important?

With DMARC, the owner of a domain ensures that only they can send emails with that sender's address. This is the best way to protect against misuse of their brand, such as spoofing, and it helps users trust the authenticity of the message.