Skip to main content
Act-On Software

DMARC Overview and Process

Domain-based Message Authentication, Reporting, and Conformance (DMARC) standardizes email authentication methods for SPF and DKIM. DMARC is designed to protect a domain from being used maliciously or without consent in third-party mailings.

When a recipient's email server evaluates for a DMARC pass/fail, it checks for alignment between SPF or DKIM domains and the domain in the "From" address. These must match for DMARC to pass. 

To use DMARC with Act-On, you must have DKIM set up for your "From" domain in Act-On and have an SPF record to include all mail servers sending email on your behalf. Once these are done, your IT team can add a DMARC record to DNS. DMARC is added to DNS using a TXT type record, such as the below:

_dmarc.example.com IN TXT v=DMARC1; p=none;

Please note: This is a simplified version of what most DMARC policy records look like. The record above indicates to receiving servers that SPF or DKIM should be valid for all messages using the client's domain in the "From" address, but does not tell the receiving server to take any specific action if DMARC evaluation fails. A more stringent record for example might use "p=reject;" to tell receiving servers to reject all messages which fail DMARC.

Whether to implement DMARC and what policy settings to use are business decisions that you should make based on your company's needs. Implementing DMARC incorrectly will cause messages to bounce. Please evaluate these decisions carefully before proceeding.

  • Was this article helpful?
Support

Have a question about this topic?

Ask the community!