Information Technology Grimoire

Version .0.0.1

IT Notes from various projects because I forget, and hopefully they help you too.

DMARC

DMARC:

DMARC is another protocol that works in conjunction with SPF and DKIM and is used to validate email messages sent from your domain.

In rackspace I make an alias so dmarc goes to “james”.

"v=DMARC1; p=none; rua=mailto:dmarc@somesite.com;"

DMARC is another protocol that works in conjunction with SPF and DKIM and is used to validate email messages sent from your domain.

How to setup DMARC to prevent email sent to spam filters.

DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol that allows domain owners to protect their domain from unauthorized use, also known as email spoofing. Here’s a suggested checklist for setting up DMARC to help prevent email sent to spam filters:

Create a DMARC record:

A DMARC record is a TXT record that you can add to your DNS settings. The record should include information about the DMARC policy for your domain.

Identify the mail servers that send email for your domain:

You need to know which mail servers are authorized to send email for your domain.

Align your SPF and DKIM:

Make sure that the SPF and DKIM records for your domain are aligned with the DMARC policy.

Use the DMARC record to publish your policy:

Use the DMARC record to specify the policy for your domain. Your policy can be set to “none”, “quarantine” or “reject”

Test your DMARC record:

You can use tools such as DMARC Analyzer to check that your DMARC record is set up correctly.

Monitor DMARC reports:

DMARC allows receivers to send reports about messages that pass or fail DMARC evaluation. You should configure your email server to receive and process these reports to gain insight into how DMARC is functioning.

Review the DMARC reports:

Review the DMARC reports to get an understanding of which messages are passing or failing the DMARC check.

Update your DMARC policy:

Based on the DMARC reports, you may need to update your DMARC policy to better align with your email sending practices.

Use a DMARC record aggregator:

A DMARC record aggregator can help you handle the volume of reports and make it easier to analyze DMARC data.

By following these guidelines, you can help ensure that your domain is protected from unauthorized use, also known as email spoofing and that your emails are less likely to be blocked by spam filters. DMARC, along with SPF and DKIM, provide a defense in depth approach to email authentication and help you to protect your domain from phishing and fraud.

DMARC (Domain-based Message Authentication, Reporting & Conformance):

  • Use “p=reject” or “p=quarantine” in the DMARC record to instruct email receivers to reject or quarantine emails that fail DMARC evaluation.
  • Be careful when using “p=reject” as it can cause legitimate emails to be rejected.

A valid DMARC record for example.com would look like this:

"v=DMARC1; p=quarantine; pct=90; rua=mailto:dmarc@example.com; ruf=mailto:dmarc-ruf@example.com; fo=1; adkim=r; aspf=r; sp=quarantine"