In simple terms, DMARC stands for “Domain-based Message Authentication, Reporting, and Conformance.”

It’s a technology standard used to enhance email security and prevent email fraud. DMARC helps protect email recipients from receiving malicious or fraudulent emails that pretend to be from a legitimate sender.

In essence, DMARC is like a security checkpoint for emails, making sure that they are genuinely from the claimed sender and not from a malicious source. It adds an extra layer of protection against phishing and email spoofing attacks.

What is DMARC & how does it work?

Why set up DMARC?

Enhanced Email Security & Reduces Phishing Risk
DMARC helps protect your email domain from phishing attacks and email spoofing.

Phishing is a type of cyber attack in which hackers use deceptive ways to trick individuals into revealing sensitive information, such as usernames, passwords, credit card numbers, or other personal data.

By authenticating the sender’s identity, it reduces the likelihood of somebody sending fraudulent emails using your domain.

Improved Email Deliverability
With communication to your customers via email at an all time high; deliverability is crucial.

By implementing DMARC, you can specify how email providers should handle messages that fail authentication checks. This can help prevent legitimate emails from being mistakenly marked as spam, improving overall email deliverability.

You can tell DMARC to either:

Hold it in a quarantine: This is like putting the suspicious email in a temporary holding area, away from the important stuff. You can check it later to make sure it’s okay.

Reject it outright: This is like saying, “No way!” to the suspicious email. It won’t even get to the recipient’s inbox. This helps ensure that only the real, trustworthy emails from you get through.

By setting these clear rules, DMARC helps prevent your emails from being treated as spam or from fake emails causing trouble in your name. It’s like having a bouncer at the door of your email inbox, making sure only the good folks (legitimate emails) get inside.

Brand Protection: DMARC helps protect your brand reputation by preventing unauthorised use of your domain in phishing attempts. This is particularly important for businesses as they rely on trust in their digital communications.

Visibility & Reporting: DMARC provides reporting mechanisms that give you insights into the authentication status of your emails. This information allows you to identify and address issues, monitor for suspicious activity, and continuously improve your email security.

Compliance with Industry Standard: Some of the big email providers like Google and Yahoo have introduced new DMARC requirements from 24th February, 2024. While these new requirements are specifically aimed at accounts sending 5000+ messages a day.  It is best practice to set up DMARC and adhering to these standards can help ensure compliance with regulatory requirements and industry guidelines.

Customer Trust: When recipients see that a sender has implemented DMARC, it adds a level of assurance that the emails they receive are legitimate. This can build trust with customers, partners, and other stakeholders who rely on secure communication.

How To Set Up DMARC?

Firstly if you are setting this up because you’ve received a notification from Shopify or your Marketing Automation platform i.e Klaviyo.  You should ensure first that you have authenticated your domains in these platforms.

You can find further details for Shopify here.

You can find further details for Klaviyo here

1. Sign into your DNS Host (Domain Name System) i.e GoDaddy, Crazy Domains.

2. Select the domain you are adding the DMARC TXT record.

3. Next, you’ll have to locate the option to create a new record or access the TXT section for editing. The interface may differ between different hosting providers.   I.e in GoDaddy you select DNS to show the DNS records and select TXT record from the drop down menu.

4. In the Host Value/Name field, add the value _DMARC and the hosting provider will append the domain or subdomain after that value.

5. Add the Value information. There are two required tag-value pairs that MUST be present on every DMARC record. They are “v” and “p”.

The only tag-value pair for “v” is v=DMARC1

For the “p” tag pair, “p=” can be paired with none, quarantine, or <reject. As tag-value pairs, they would look like: p=none or p=quarantine or p=reject

It is recommended that all new DMARC records should start with p=none, as this policy value allows you to identify email delivery problems due to the domain’s SPF or DKIM so that mail is not accidentally quarantined or rejected.

Also recommended is that you include the “rua” tag so that you will see the resulting reports on your email’s performance.

The record that you put into the Value field should look similar to:

v=DMARC1; p=none; rua=mailto:email@yourdomain.com

(You will replace the email address with the email address you use to send your marketing emails from.  If you use different email addresses to send emails in Shopify and Klaviyo, you will need to set up a DMARC record for each).

6. Hit Create/Save.

7. Verify your record is set up correctly.

Use a tool like this one from MXTools to verify that the record you just created has the correct values and syntax.

Download the instruction slide deck

Or watch this tutorial video: