Quick summary
- What it is: DMARC (Domain-based Message Authentication, Reporting and Conformance) is a policy published in your domain's DNS that tells recipient mail servers what to do when.
- What it's for: it helps configure, send, receive and protect email for a domain.
- When to check it: when creating email accounts, configuring an email client or investigating sending and receiving issues.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is a policy published in your domain's DNS that tells recipient mail servers what to do when they receive an email that does not pass SPF or DKIM authentication checks.
What is DMARC used for?
DMARC fulfills two main functions:
- Protection: Prevents third parties from using your domain to send fraudulent emails (phishing, spoofing) that would go undetected if you only had SPF or DKIM.
- Visibility: Sends you periodic reports with information about who is sending email on behalf of your domain, allowing you to detect unauthorized use.
What does a DMARC record look like?
DMARC is published as a TXT record at _dmarc.yourdomain.com. A basic example:
v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com
p=none: monitoring only, no action is taken (recommended to start).p=quarantine: emails that fail verification go to spam or quarantine.p=reject: emails that fail verification are completely rejected.rua=mailto:...: address where you will receive activity reports.
Why is it important for hosting users?
Configuring DMARC is the final piece of the email authentication system along with SPF and DKIM. Without DMARC, even if you have correct SPF and DKIM, you have no control over what happens when someone impersonates your domain. With a well-configured p=reject policy, fraudulent emails sent in your domain's name are automatically rejected by recipient servers.
When will you encounter it?
DMARC appears in articles about spam problems, email delivery and email security. If you receive reports that your legitimate emails are being rejected, or if you discover that someone is sending spam using your domain, reviewing the DMARC configuration is one of the key steps.
Why it matters in hosting
Understanding this concept will help you make better decisions when managing your service. In practice, it relates to configuring, delivering, receiving and protecting email for a domain. If it appears in a guide, the control panel or a support response, review the context before making changes.
Related articles
- Webmail
- IMAP
- POP3
- SMTP
- SPF