Appendix - DMARC record deployment

Domain-based Message Authentication, Reporting and Conformance or DMARC is a method of email authentication, which is a way to mitigate email abuse. It expands on two existing mechanisms, the well-known Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM), coordinating their results on the alignment of the domain in the From: header field, which is often visible to end users. It allows specification of policies (the procedures for handling incoming mail based on the combined results) and provides for reporting of actions performed under those policies.

This record is optional, you don't have to deploy it except you want to receive report from email receivers which support DMARC record.

You can get more detail by the following URL: http://dmarc.org/

Generate DMARC record by DKIM Manager

Open DKIM Manager -> "SPF/DMARC Tool" - > "DMARC" -> input your domain and click "Start".

Change DMARC options and click "Update", you will get a value in Record Value.

DMARC Parameters

https://tools.ietf.org/html/rfc7489#section-6.3

Deploy DMARC in Windows DNS Server by DKIM Manager

If your domain is hosted by Windows DNS Server in local LAN. After you get Record Value in DKIM Plugin Manager, you can click "Deploy DMARC", input your DNS server address and choose the DNS zone, DMARC record will be deployed to DNS server automatically.

Deploy DMARC in Windows DNS Server manually

• Select and open a domain (e.g. emailarchitect.net) which you want to add a DMARC record to. Right-click the record list and select "Other New Records..." from the menu.
• Select the Text (TXT) record type and click the "Create Record..." button.
• Copy the value (v=DMARC1 ...) from Record Value and paste it to the "Text" text box and input "_dmarc" in Record Name. Click the OK button.

Deploy DMARC in Network Solutions DNS server

If your domain is hosted by www.networksolutions.com, you can deploy your public key like this:

• Step 1: Select your domain
• Step 2: Select the "Edit TXT Record.
• Step 3: Copy the value (v=DMARC1 ...) from Record Value and paste it to the "Text" text box and input "_dmarc" in Host. Click the "Continue" button.

Deploy DMARC in GoDaddy DNS server

If your domain is hosted by GoDaddy, you can deploy your public key like this:

• Select your domain -> "Manage DNS".
• Select the Records -> "Add".
• Select Type as "TXT", Copy the value (v=DMARC1 ...) from Record Value and paste it to the "TXT Value" text box and input " _dmarc" in Host. Click the "Continue" button.

Deploy DMARC record in BIND Server

If your domain is hosted by Bind DNS server, you can add DMARC record like this: locate your domain's zone file and open it with your preferred editor, then add the following content:

 ; DMARC
 _dmarc.yourdomain.com.      IN     TXT    "v=DMARC1 ..."

Deploy DMARC record in other DNS server

If your domain is hosted by other ISP, as most ISP provide DNS Web administration to set up DMARC record. If you are not DNS server administrator, or your domain is hosted by other DNS server, please send the information in Record Name and Record Value to your domain DNS server administrator for assistant.

If you have any problem in DomainKeys/DKIM/SPF/DMARC record implementation, please contact support@emailarchitect.net.

See Also

Online SPF Test Tool

Setup DomainKeys/DKIM
Deploy Public Key in DNS server
Test DomainKeys/DKIM signature
Troubleshooting
Using Selector
Using Sender Rule
Server Core and Installer Command Arguments
Set up SPF record
Appendix - DKIM/SPF/DMARC Inbound Authentication in Exchange Server
Appendix - Use DkimPowerShell Module in PowerShell

Online

DKIM in IIS SMTP Service - Tutorial
DKIM in Exchange Server 2003 - Tutorial
DKIM in Exchange Server 2007/2010/2013/2016/2019 - Tutorial

DKIM/SPF/DMARC Inbound Authentication in Exchange Server
Bulk Email Sender Guidelines