Deliverability

DMARC - What It Is, Why It Matters, and How to Set It Up

lemlist team
LAST UPDATED
June 20, 2024
READING TIME
7 min.

A properly configured DMARC record can increase your open rate by 10% or more.

DMARC adds a layer of security to your emails that builds trust with email service providers.

The result is that fewer of your emails will land in the spam folder.

Below, we’ll discuss what DMARC is, why it’s important, and how it works. ⬇️

What is DMARC?

DMARC is an email authentication protocol that stands for Domain-based Message Authentication, Reporting & Conformance.

It's an initiative by some of the biggest senders and receivers of email, like Gmail and Yahoo.

They created DMARC as a response to the increasing amount of fraudulent emails in the early 2010s. (Email is involved in 90% of cybercrimes)

The goal of the DMARC initiative was to combat phishing attacks and other cybercrimes through the implementation of a DMARC record.

A DMARC record is a DNS record you add to your domain’s DNS settings.

Through this record, receiving servers can verify if an email is coming from the domain it’s claiming to come from. It does so through two other DNS records called SPF and DKIM.

Why is DMARC Important? ⚠️

DMARC matters because it makes your emails more secure.

It prevents criminals from using your (sending) domain to launch cyber attacks.

In short: DMARC makes the internet a safer place for everybody.

What’s more, apart from the security aspect of DMARC, Gmail and Yahoo’s new email sender rules now require you to have a DMARC record set up.

Without DMARC, forget about landing in your audience’s inbox, especially if they use Gmail or Yahoo as their email provider.

And it doesn’t just concern Gmail addresses, either.

Companies can use custom email addresses through their Gmail account, and without DMARC, you will not reach many of them!

In a nutshell, if you’re doing email outreach in 2024, you need DMARC!

How Does DMARC Work? 👷

a flowchart of the DMARC authentication process

DMARC allows the receiving email server to verify if the email comes from the claimed sending domain.

The server intends to authenticate the email through the domain’s SPF and DKIM records.

If one of these authentication methods fail, it means we’re dealing with an unauthorized email.

It’s here where DMARC comes into place. Its policy settings determine what to do with the unauthorized email.

To make it easier to understand, first let’s take a look at a basic DMARC record:

v=DMARC1; p=none; rua=mailto:email@yourdomain.com

While it may look like an incomprehensible line of code, it’ll become crystal clear once you know what the tags mean:

  • ➡️ The “v” stands for version. Since there’s only one valid version currently, this will always be “DMARC1” for now.
  • ➡️ The “p” stands for policy. This is the setting that lets you decide what to do with unauthorized emails. The most common settings are:
    • 👉 “None,” as in the DMARC record above. In this case, unauthorized emails will get a pass to the recipient’s inbox. Though this setting might seem useless, it’s actually the recommended setting for the first few weeks after implementing DMARC. It allows you to receive DMARC reports to monitor what happens to unauthorized emails and ensure that legitimate emails don't get flagged as unauthorized.
    • 👉 “Quarantine” sends unauthorized emails to the recipient’s spam folder.
    • 👉 “Reject” is the strictest setting. With your p tag set on “reject,” none of the unauthorized emails will get delivered.
  • ➡️ The “rua” tag is where you want your DMARC reports sent. As mentioned above, these reports allow you to keep an eye on any email authentication inaccuracies.

The DMARC record above is a basic but fully functional example, but A DMARC can also include other non-essential tags (see table below).

DMARC Tag What it does
Ruf Sends more elaborate reports
Pct Determines what percentage of incoming emails need to undergo the authentication process
Fo Adjusts how reports are created and presented to users
Aspf Determines the level of strictness for SPF authentication
Adkim Similar to “Aspf” but for DKIM
Sp DMARC enforcement for subdomains

How to Set Up a DMARC Record 📝

Since DMARC depends on SPF and DKIM, you must set these DNS records up before DMARC.

Here’s how to set up an SPF record, and go here to configure your DKIM record.

Once your SPF and DKIM records are set up, move on to the next step:

Checking for existing DMARC records

Since having multiple DMARC records can complicate the authentication process, it’s important to check if you already have one set up.

A simple way to find out is through a DNS check.

You can use lemwarm’s free email deliverability checker for this.

It’ll give you an overview of your technical setup, including your DNS records.

Preparing your DMARC record

A basic DNS record will probably do the job for you now.

All you need to change is the “rua” tag so that it corresponds to your email address.

v=DMARC1; p=none; rua=mailto:youremail@yourdomain.com

You can change the policy setting to something stricter once reports start coming in.

Setting up your DMARC record on any domain provider

Now we’re going to add the DMARC record to your domain’s DNS settings.

You can find those settings in your domain provider’s account.

However, if your domain's name servers point elsewhere, for example, to your hosting provider, this is where to find the DNS settings for your domain.

The exact steps may vary for different providers, but the process below should be a good enough guide to be able to add your DMARC record.

➡️ Step 1: Go to your domain’s DNS records

  1. Log in to your domain or hosting provider account
  2. Go to your domain’s DNS settings or records

➡️ Step 2: Add your DMARC Record

Once inside your domain’s DNS settings, you should see a list of DNS records.

Click on “add” or “add new record.” You should see a form like the one below:

a form to add a DNS record
  1. For type, choose TXT. Some providers will also have a DMARC option here, but usually you need to set up a TXT record.
  2. In the Host field, enter “_dmarc”. If your hosting/domain provider doesn’t automatically append your domain name here, then the value here should be _dmarc.yourdomain.com.
  3. In the Value or Target field, paste your DMARC record. For starters, you can use the one we shared above. Just make sure to update the email address!
  4. Leave the TTL setting to its default
  5. Hit save!

➡️ Step 3: Validate your DMARC record

To verify your DMARC record, you need to run a DNS check again.

Go to lemwarm’s free email deliverability tester and check your results.

💡Important: it can take up to 48 hours for your DMARC to propagate. Usually it’ll be active much sooner than that, but please give it some time before running a DNS check.

Setting up your DMARC record is not difficult, but you may want to make things even simpler. Use this DMARC generator to help you out.

A Note on DMARC Reports 🗒️

Remember the “rua” tag in your DMARC record?

Well, as mentioned briefly earlier, there’s another reporting tag called “ruf.”

The “ruf” tag sends more detailed and elaborate reports than “rua.”

Both tags hold the email address your DMARC reports will be sent to.

The reports will give you insights into the authentication process.

Among other things, the reports will tell you if emails passed or failed authentication and which servers sent them.

Additionally, they allow you to find out what happened to the emails based on their authentication status.

Unfortunately, reports are sent in XML, which can be quite tough to analyze, so a tool that makes those reports more readable, such as EasyDMARC's DMARC report analyzer, can be very useful.

But what information exactly will you see in your DMARC reports?

  • All domains sending emails using your domain in their “From” field
  • IP addresses of the domains using your domain
  • The number of daily emails
  • SPF and DKIM authentication results
  • DMARC results
  • Emails that were quarantined
  • Emails that were rejected
  • Forensic/failure reports

Aggregate Reports (rua)

Reports with a rua tag are essentially broad descriptive reports.

These reports are sent in an XML format. Here’s an example rua report:

Example of a DMARC rua report
Source: DMARCLY

Here’s the key information included in a rua report:

Reporting Period Timeframe the Report Covers
Sender IP Addresses IP addresses that sent emails on behalf of your domain
SPF Results Including nº of messages that passed SPF, nº of messages that failed SPF, and domains involved in SPF authentication
DKIM Results Including nº of messages that passed DKIM, nº of messages that failed DKIM, and DKIM signatures used
DMARC Results Including nº of messages that aligned with your DMARC policy, nº of messages that did not align and the disposition applied
Authentication Results Summary of authentication methods used
Message Count Total number of messages received from each source
Failure Details Information on failed authentication methods
Message Headers Headers of failed authentication messages
Aggregate Statistics Summary statistics including percentage of authenticated and failed messages, among other metrics
Reporting Identifier An identifier to match reports to specific DMARC configurations

Failure Reports (ruf)

The “ruf” tag offers more elaborate reporting.

Here’s what’s included in DMARC ruf reports:

Message Headers Full header of the failed email
Message Body Content of failed email
Authentication Results Authentication check details and why they failed
Envelope Sender Email address used as the return path for the failed message
DKIM Signature Information In case of DKIM authentication failure, report includes details of the DKIM signature used, such as selector and domain
SPF Information In case of SPF authentication failure, the report includes information about the SPF record for the sending domain and the IP address that sent the message
Autenthication-Results Header Summary of authentication results, including failure checks and why they failed
DMARC Policy Policy type (quarantine or reject)
Timestamps When the message was received and when the failure report was generated
Message Size Size of the failed message
Reporting Source Information about the source that generated and sent the DMARC failure report
Additional Metadata Additional information that can be helpful in the failure analysis and authentication failure

Key Takeaways 🔑

For email outreach, you must ensure that your technical setup is on point, as low open rates will cost you money.

DMARC is a critical component of your technical setup.

Without it, not only are your emails less secure, but they're also more likely to be sent to spam or not delivered at all.

While initially, setting up a DMARC record can seem complicated, once you know how it works, it becomes a breeze.

Use the information in this post to set up DMARC for your domain today!

Get weekly outreach tips
SHARE THIS ARTICLE
Thanks! You've successfully subscribed to lemlist newsletter
Oops! Something went wrong while submitting the form.
G2 Rating
Price
Best for
Standout feature
Con
4.9
star
star
star
star
star
$30/mo
$75/mo
$2,999/mo
Large, distributed sales teams
AI evaluation precision, gamified KPIs
Lack of tracking system
4.6
star
star
star
star
star-half
Not publicly available
Sales operations and finance teams
Powerful configurability
Limited training resources and complex to navigate
4.4
star
star
star
star
star-half
Not publicly available
Mid-market and enterprise businesses
Comprehensive incentive management
Potentially high cost and steep learning curve
4.7
star
star
star
star
star-half
$15/user/mo
$40/user/mo
Enterprise: custom price
Complex sales structures and businesses of all sizes
Complex sales structures and businesses of all sizes
Steep learning curve
4.6
star
star
star
star
star-half
Not publicly available
Collaborative teams
Connected planning
Complexity and steep learning curve
4.6
star
star
star
star
star-half
Not publicly available
Companies with complex sales structures
Complex incentive compensation management (ICM) with high efficiency and accuracy
Complexity for smaller teams and potentially high costs
4.7
star
star
star
star
star-half
Not publicly available
Companies who want to automate commission calculations and payouts
Simplicity and ease of use
Lack of features like redirection
4.7
star
star
star
star
star-half
$30/user/mo
$35/user/mo
Custom: upon request
Businesses that need a comprehensive and user-friendly sales compensation management software
Ease of use and adoption
Lack of ability to configure the product based on user needs
4.8
star
star
star
star
star-half
Not publicly available
Companies with modern sales culture and businesses who want real-time insights
A built-in dispute management and real-time visibility
Users say it works slowly, customer support is slow
4.9
star
star
star
star
star
$30/user/mo
$50/user/mo
Smaller sales teams
Powerful automation
Lesser user base and average user interface
4.7
star
star
star
star
star-half
Not publicly available
Companies with scalable needs
Automated Commission Calculations
Lack of filtering by date, no mobile app
ERP vs. CRM
ERP
CRM
Summary
Backbone of a business's internal operations.
Backbone of customer-centric interactions and operations.
Goal
To centralize and streamline core business processes in a company.
To increase customer experience, satisfaction and loyalty, and boost sales.
Focus
Internal operations and processes across departments (finance, accounting, inventory, supply chain, HR, and sales).
All interactions with leads and customers.
Manages
Internal business data like financial data, inventory levels, production details, supply chain, HR info.
All customer data like contact info, purchase history, communication history, customer preferences and more.
Users
Finance, accounting, operations, supply chain, and HR departments.
Customer-facing teams like sales, marketing, and customer service.
Benefits
Streamlines operations, improves data accuracy, enhances decision-making, boosts collaboration, increases productivity.
Improves customer relationships, increases sales, strengthens customer service, personalizes marketing campaigns, provides insights.
Price
$150 per user per year on average.
$10 to $30 per user per month on average.
PRM Tool
Rating
Feature
Pro
Con
Mobile App
Integrations
Free Plan
Pricing
4.65
star
star
star
star
star-half
Org-wide alignment
User-friendly layout and database
Suboptimal as a personal CRM
square-check
Lack of tracking system
square-check
Team: $20/month
Business: $45/month
4.7
star
star
star
star
star-half
Social Media Integration
Easy contact data collection
No marketing/sales features
square-check
Lack of tracking system
square-xmark
7-day trial
$12/month
4.75
star
star
star
star
star-half
Block Functions
High customization capability
Not a dedicated CRM
square-check
Limited
square-check
Plus: €7.50/month
Business: €14/month
N/A
Open-source
Open-source flexibility
Requires extensive manual input
square-xmark
Limited
square-check
Self-hosted
$9/month or
$90/year
3.1
star
star
star
Simple iOS app
Ideal for non-tech-savvy users
iPhone only
square-check
iOS only
Limited
square-xmark
1-month trial
$1.49/month or
$14.99/month
3.6
star
star
star
star-half
Smart Contact Management
Feature-rich and flexible
Reported bugs
square-check
Rich
square-xmark
7-day trial
Premium: $13.99/month
Teams: $17.99/month
4.4
star
star
star
star
star-half
Customizable Interface
Customizable for teamwork
Pricey for personal use
square-check
Rich
square-xmark
Standard: $24/member
Premium: $39/member
4.7
star
star
star
star
star-half
Integrated Calling
Integrated Calling
Too sales-oriented & pricey
square-check
Rich
square-xmark
14-day trial
Startup: $59/user/month
Professional: $329/user/month
4.8
star
star
star
star
star
Business Card Scanning
Business Card Scanning
Mobile only
square-check
Limited
square-check
$9.99/month
4.45
star
star
star
star
star-half
160+ app integrations
Comprehensive integrations
No free app version
square-check
Rich
square-xmark
14-day trial
$29.90/month or
$24.90/month (billed annually)
Capterra Rating
Free Trial
Free Plan
Starting Price (excluding the free plan)
Maximum Price (for the most expensive plan)
Best for
4.5
star
star
star
star
star-half
square-check
14-day
square-check
€15/month/seat billed annually
€792/month/3 seats billed annually + €45/month for each extra seat
Versatility and free plan
4.2
star
star
star
star
square-check
30-day
square-xmark
But it offers reduced price to authorised nonprofit organisations
€25/user/month
€500/user/month billed annually (includes Einstein AI)
Best overall operational CRM
4.3
star
star
star
star
star-half
square-xmark
square-check
Limited to 3 users
Comprehensive incentive management
€52/user/month billed annually
Small-medium businesses and automation
4.5
star
star
star
star
star-half
square-check
14-day
square-xmark
€14/seat/month billed annually
€99/seat/month billed annually
Sales teams and ease of use
4.1
star
star
star
star
square-xmark
square-check
Limited 10 users
$9.99/user/month billed annually
$64.99/user/month billed annually
Free plan for very small teams up to 10
CRM goal
Increase the sales conversion rate for qualified leads from marketing automation campaigns by 10% in the next 6 months.
SMART Breakdown
1. Specific: It targets a specific area (conversion rate) for a defined segment (qualified leads from marketing automation).
2. Measurable: The desired increase (10%) is a clear metric, and the timeframe (6 months) allows for progress tracking.
3. Achievable: A 10% increase is possible based on historical data and potential improvements.
4. Relevant: Boosting sales from marketing efforts aligns with overall business objectives.
5. Time-bound: The 6-month timeframe creates urgency and a clear target date.
Actions
Step 1: Refine lead qualification criteria to ensure high-quality leads are nurtured through marketing automation.
Step 2: Personalize marketing automation campaigns based on lead demographics, interests, and behavior.
Step 3: Develop targeted landing pages with clear calls to action for qualified leads.
Step 4: Implement lead scoring to prioritize high-potential leads for sales follow-up.
Step 5: Track and analyze campaign performance to identify areas for optimization.
Outcomes
Increased sales and revenue
Improved marketing automation ROI
Marketing and sales alignment
Data-driven marketing optimization

What you should look at next

Receive weekly outreach tips in your inbox, sent to 210 000+ salespeople, marketers, founders, and entrepreneurs worldwide!

Subscribe to the lemlist newsletter
You've successfully subscribed to the lemlist newsletter!
Oops! Something went wrong while submitting the form.