DMARC Guides

DMARC Record Format

DMARC Record Format
03 Jun

Are you tired of phishing attacks cluttering your email inbox? Are you seeking ways to ensure your organization's email domain is secure from spoofers? Say hello to DMARC! Domain-based Message Authentication, Reporting, and Conformance (DMARC) is a powerful email authentication protocol designed to protect your domain from email spoofing and phishing attacks. In this guide, we'll dive into the world of DMARC record format to understand how it works and how to set it up for your email domain.

What is a DMARC Record?

A DMARC record is a TXT record added to your domain's DNS (Domain Name System) settings that tells receiving email servers how to handle unauthenticated emails claiming to be from your domain. DMARC builds on two widely-used email authentication standards, SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail), to provide a strong layer of protection against spoofing and phishing.

Components of a DMARC Record Format

Protect Your Data Today With a Secure Password Manager. Our Top Password Managers:

passpack logo
Our #1 Password Manager

Passpack

Secure your digital world with Passpack. This robust password manager is your first line of defense against phishing and cyber threats. With Passpack, you gain an encrypted, safe haven for your passwords, offering you peace of mind and protection. Don't just store passwords, guard them with the fortitude of Passpack. Take control of your online security today – because when it comes to defending against cybercrime, your password manager matters.

Visit Passpack

Visit Website →

nordpass logo
Our #2 Password Manager

NordPass

Enhance your digital safety with NordPass, a powerful tool in our affiliate network. NordPass is a reliable password manager designed to simplify security. It not only stores but also organizes and safeguards your passwords, offering seamless access across devices. It's the hassle-free solution to maintaining strong, unique passwords – a crucial step in combating phishing and cyber threats. Trust NordPass to fortify your online defenses, and experience cybersecurity made easy.

Visit NordPass

Visit Website →

A DMARC record consists of several components, which are easy to understand once familiar:

v=DMARC1

This is the DMARC record identifier. Every DMARC record starts with this tag, and it signals that the DMARC version in use is DMARC1.

p (Policy)

This defines your domain's policy for handling unauthenticated emails. It tells the receiving server what to do when it receives an email that fails DMARC checks. There are three possible policies:

  • none - No specific action is required; this policy is used for monitoring purposes.
  • quarantine - Mark the unauthenticated email as spam or move it to the junk folder.
  • reject - Reject the email outright and do not deliver it to the recipient's inbox.

sp (Subdomain Policy)

This tag is optional, and it defines a policy for all subdomains of your main domain. If not specified, the main domain policy applies to subdomains as well.

adkim (DKIM Alignment Mode)

This sets the alignment mode for DKIM, which ensures the email's "From" header is aligned with the DKIM signature. It can be set to one of the following:

  • strict (s) - The DKIM domain must exactly match the "From" header domain.
  • relaxed (r) - The DKIM domain and "From" header domain may only share the same top-level domain and public suffix.

If this tag is not provided, the default is "relaxed."

aspf (SPF Alignment Mode)

This sets the alignment mode for SPF, which checks whether the email's source IP address is authorized to send emails on behalf of the "From" header domain. This can be set to the same values as the DKIM alignment mode. If not provided, the default is "relaxed."

rua (Aggregate Reports)

This is an optional tag that specifies an email address for receiving aggregate XML reports of DMARC failures. Helpful to assess and monitor DMARC implementation.

ruf (Forensic Reports)

Another optional tag that specifies an email address for receiving detailed forensic reports of individual DMARC failures.

ri (Reporting Interval)

Optional tag that sets the interval in seconds between aggregate reports. The default value is 86400 seconds (24 hours).

fo (Failure Reporting Options)

This optional tag specifies under what conditions the sender should receive forensic reports. The possible values include:

  • 0 (Report if both SPF and DKIM fail, the default value)
  • 1 (Report if either SPF or DKIM fails)
  • d (Report if DKIM fails)
  • s (Report if SPF fails)

Creating Your DMARC Record

Putting together the components, a sample DMARC record may look like the following:

v=DMARC1; p=reject; sp=none; fo=1; adkim=r; aspf=r; rua=mailto:aggregate@example.com; ruf=mailto:forensic@example.com; ri=86400;

Remember that each domain requires its own DMARC record. If you have multiple related domains, you will need to create a record for each one.

DMARC Record Format Example:

Imagine you have a domain example.com, and you want a DMARC record with the following specifications:

- Reject unauthenticated emails from the main domain

- Quarantine unauthenticated emails from subdomains

- Utilize relaxed alignment for both SPF and DKIM

- Send aggregate reports to aggregate@example.com

- Send forensic reports to forensic@example.com

Your DMARC record will look like this:

v=DMARC1; p=reject; sp=quarantine; adkim=r; aspf=r; rua=mailto:aggregate@example.com; ruf=mailto:forensic@example.com;

Now you have a solid grasp on DMARC record format and how to create a DMARC record for your domain. Implementing DMARC is a crucial step in securing your domain against spoofing and phishing. Don't forget to share this comprehensive guide with your peers, helping them protect their domains as well. And keep an eye on our blog for more on cybersecurity and voice phishing to amp up your defense even further.

voice phishing george luna
George Luna

Meet George Luna, the authoritative voice behind our blog posts and your guide through the labyrinth of voice phishing. With over 25 years of dedicated research in cybersecurity, George's expertise is unparalleled. His journey began in the early days of the internet, a time when the concept of cyber threats was in its infancy. Throughout his prolific career, George has relentlessly pursued the evolving landscape of cybersecurity threats, with a particular focus on social engineering and voice phishing. His in-depth research, profound insights, and practical strategies have made him a respected figure in the field and a sought-after speaker at international cybersecurity forums. George's articles distill complex concepts into understandable, actionable advice, empowering readers to secure their digital footprint effectively. His work is a testament to his commitment to creating a safer digital world for all. When he's not unraveling the latest vishing scam or advising companies on security best practices, George can be found teaching the next generation of cybersecurity enthusiasts as a visiting professor. With George Luna, you're learning from a true pioneer, a stalwart defender in the digital realm, and a trusted authority in cybersecurity. His wealth of experience and knowledge is your shield against voice phishing.

Protect Your Data Today With a Secure Password Manager. Our Top Password Managers:

passpack logo
Our #1 Password Manager

Passpack

Secure your digital world with Passpack. This robust password manager is your first line of defense against phishing and cyber threats. With Passpack, you gain an encrypted, safe haven for your passwords, offering you peace of mind and protection. Don't just store passwords, guard them with the fortitude of Passpack. Take control of your online security today – because when it comes to defending against cybercrime, your password manager matters.

Visit Passpack

Visit Website →

nordpass logo
Our #2 Password Manager

NordPass

Enhance your digital safety with NordPass, a powerful tool in our affiliate network. NordPass is a reliable password manager designed to simplify security. It not only stores but also organizes and safeguards your passwords, offering seamless access across devices. It's the hassle-free solution to maintaining strong, unique passwords – a crucial step in combating phishing and cyber threats. Trust NordPass to fortify your online defenses, and experience cybersecurity made easy.

Visit NordPass

Visit Website →

About George Luna

Meet George Luna, the authoritative voice behind our blog posts and your guide through the labyrinth of voice phishing. With over 25 years of dedicated research in cybersecurity, George's expertise is unparalleled. His journey began in the early days of the internet, a time when the concept of cyber threats was in its infancy. Throughout his prolific career, George has relentlessly pursued the evolving landscape of cybersecurity threats, with a particular focus on social engineering and voice phishing. His in-depth research, profound insights, and practical strategies have made him a respected figure in the field and a sought-after speaker at international cybersecurity forums. George's articles distill complex concepts into understandable, actionable advice, empowering readers to secure their digital footprint effectively. His work is a testament to his commitment to creating a safer digital world for all. When he's not unraveling the latest vishing scam or advising companies on security best practices, George can be found teaching the next generation of cybersecurity enthusiasts as a visiting professor. With George Luna, you're learning from a true pioneer, a stalwart defender in the digital realm, and a trusted authority in cybersecurity. His wealth of experience and knowledge is your shield against voice phishing.

Tags:
Newer DMARC Quarantine Policy
Back to list
Older DMARC Quarantine

Related Posts