What is A DMARC Record?

Know the components of a DMARC record and it’s importance 

Email Security > DMARC

What is a DMARC Record?

In today’s digital landscape, implementing DMARC records to tackle the rising threat of cyberattacks is of utmost importance. These attacks jeopardise sensitive information and put entities interacting with your company at risk. However, you can eradicate this risk by implementing the DMARC record. These records act as robust shields, instructing recipient servers on handling emails that fail authentication checks. By quarantining or rejecting suspicious emails, it provides a much-needed layer of defence.

By Cian Fitzpatrick | 16th November, 2023

3 lock, 2 opened and one locked

What is the Purpose of a DMARC Record?

A DMARC record has two main purposes. They are:

  1. Instruct the recipient server

It guides the recipient server on what to do if the email fails authentication checks like:

  • Reject the message
  • Quarantine the message
  • Allow the message to continue the delivery
    2. Send the reports
Reports are sent to the email address mentioned in the DMARC record about all email activities associated with the domain.

What does a DMARC Record Look Like?

Creating a DMARC record ensures servers can distinguish between legitimate and fake emails. As a result, it protects against various security threats, such as phishing, spoofing, and spamming.

Before getting started, we need to learn about DMARC TXT Record tags.




It represents the protocol version. For example, v=DMARC1


It is the percentage of messages subjected to filtering. It ranges from 0 to 100.


It indicates the reporting URL for forensic reports.


It indicates the reporting URL for aggregate reports


It is the policy for the organisational domain. It includes three types of policy.




Policy for a subdomain of the organisational domain.


Alignment mode for DKIM.


Alignment mode for SPF


Get email samples for messages that fail SPF and DKIM. You can choose four values;

“0” if SPF and DKIM fail (Default)

“1” if SPF or DKIM fails

“d” DKIM failure

“S” SPF failure

Try our 7 day free DMARC trial now

Sign Up Now

What DMARC Record Looks Like?

Typically, DMARC records consist of plain text, a list of DMARC tags segregated by semicolons. It consists of atleast three components, but you can add other optional tags as per need. It’s necessary to place “v” and “p” tags at the beginning; other tags can follow any order.

To get in-depth insight, let’s break down the example of a DMARC record and learn it piece by piece. 

“v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com

We have three mandatory tags, v, p and rua, with the values DMARC1, none and mailto:dmarc@yourdomain.com.

  • The v tag indicates the version of DMARC.
  • The p tag is the policy that indicates what action the receiver should take if the message fails the authentication checks.
  • The rua tag sends aggregate reports to a specified email. The prefix mailto: should be added before writing an email address.


Based on specific requirements or needs, you can use other tags like pct, ruf, fo, etc. 


DMARC Policy:

If your message fails the authentication check, you can specify what actions to take in the policy(p) tag. There are 3 types of policy you can choose from:

  • Monitoring Policy (“p=none“)

This policy doesn’t give any protection. But emails are constantly monitored. Generally, during the initial implementation process of DMARC, emails are monitored. Gradually, it is upgraded to quarantine and finally reaches the reject stage.


  • Quarantine Policy(“p=quarantine”)

It places emails that fail authentication checks in the spam or quarantine folder.


  • Reject policy (“p=reject“)

It immediately rejects emails that fail the authentication check.

It protects against fraudulent mail by not giving a single chance to reach the recipient’s email.

Why are DMARC Records Important?

DMARC has grown from a mere option to the absolute necessity for email security and protection against cyber attacks such as email spoofing and phishing attacks. With the surge in technology, the threat actors have come up with new sophisticated techniques to steal company identity and deceive customers and employees. By implementing DMARC, you’re defending against constantly lurking threats.

Improved Email Delivery Performance

Even your legitimate emails may fail to reach the recipient server’s inbox. To amend this, you can use the DMARC record, which helps to identify and fix any authentication issues. As a result, email delivery performance is enhanced.

Reduced Phishing and Spoofing Attacks

It is a primary defence against cyberattacks like phishing, spoofing, and identity theft. In addition, it helps domain owners prevent unauthorised parties from sending emails on their behalf. It protects not only the company but also the customers associated with it.

Enhanced Brand Protection and Reputation

Building a brand doesn’t happen overnight, yet a single mistake can cause your brand to crumble like a chain of falling dominoes. Not only will your company suffer, you’ll likely lose hard-earned loyal customers. In addition to that, your reputation will take a direct hit, and sometimes, it’s impossible to build your reputation the way it was.

DMARC record prevents bad actors from impersonating your brand’s domain. It ensures that your employees and customers get only legitimate emails. Furthermore, it will enhance your credibility as a brand that prioritises protecting your customers’ interests.

Increased Visibility into Email Sending Behaviour

The DMARC record provides ongoing data about the use of your domain, and it also aids in identifying threat actors that impersonate your domain. Moreover, the reporting mechanism of DMARC will instantly recognise if someone is misusing your domain.

More Control Over How Your Domain is Used

Implementing DMARC records in your domain’s DNS enables you to gather information about the entities sending emails on your behalf. DMARC record eradicates this risk and prevents your domain from being used for malicious purposes.

Learn how you can be DMARC compliant

Contact Us

How Does a DMARC Record Work?

Before publishing the DMARC record, it’s essential to implement DKIM and SPF protocols. Combining these three components produces a synergical effect, which forms a robust shield to protect against cyberattacks.


Here’s how it works:

  1. Domain owner publishes DMARC TXT record in DNS server, instructing recipient server what action to take if email fails authentication check.
    These actions can be:
  • Reject the unauthorised email
  • Take no action
  • Quarantine the unauthorised email

    2. When the recipient receives an email, it checks for DMARC records. Then, it performs SPF and DKIM authentication and alignment checks to ensure the sender is legitimate.

    3. After the SPF and DKIM checks, the sending domain’s DMARC policy is applied. The decision to quarantine, monitor or reject email depends on the DMARC policy.

    4. Lastly, if reporting tags like rua and ruf are placed in the DMARC record, the domain owner will receive aggregate reports and forensic reports in a specified email address.

Who Can Use DMARC Records?

It can be confusing to determine who can use DMARC records, whether it’s limited to large organisations or if individuals can use it too. Well, the answer is quite simple. Anyone with a domain can use the DMARC record to verify the emails you’re sending are legitimate. Recipient servers use DMARC records to determine what to do with the message that failed the authentication check.

Where Are DMARC Records Stored?

DMARC record is stored in the DNS server as a TXT record, and this TXT record name can be set as “_dmarc.customerdomain.com”, where customerdomain.com can be replaced with the organisation’s actual domain name. It instructs the recipient server what action to take if the email fails the authentication check.

How Many DMARC Records Can I Have?

You can have only one DMARC record for one domain and subdomain. If there is more than one DMARC record at the same level, it can create confusion. When multiple DMARC records are present, the recipient may face a conflict in determining which policy to adhere to and where to send the report.

What Happens If There Is No DMARC Record?

With the absence of a DMARC record, you become vulnerable to cyberattacks. Threat actors can easily impersonate your domain and plot fraudulent schemes against your customers. A DMARC record acts as a shield against these malicious activities. That’s why it’s essential to implement DMARC records.

How to Check the DMARC Record?

To verify and validate the DMARC record, you can use a free DMARC diagnostic tool available online: DMARC Record Checker. Using this, you can easily identify any issues regarding your DMARC record. It helps to determine whether the TXT record is published correctly or not and where your reports are being sent.

Why Did My DMARC Record Check Fail?

Your DMARC record check can fail due to various reasons;

  • SPF and DKIM records misalign with the “From” domain in the email header.
  • SPF and DKIM authentication failure.
  • Misconfiguration of DMARC policies.
  • Phishing or spoofing attacks.

What are the Components of a DMARC Record

The major components of the DMARC record include three tags: v, p and rua.

  • v tag indicates the version of DMARC you’re using.
  • p tag indicates the policy you’ve selected regarding any emails that fail authentication checks
  • rua tag sends aggregate reports to a specified email

DMARC Record Validation Tools

You can use free diagnostic tools like DMARC record checker to verify and validate your DMARC record. By using this tool, you can identify issues with your DMARC record, such as its correct publication status and the destination of your reports.


In today’s digital landscape, DMARC is not just a mere option; it’s an absolute necessity. It creates a layer of protection against the rising threat of cyberattacks like phishing and email spoofing. By implementing the DMARC record, you’re protecting the company and safeguarding the interest of customers who interact with your company.

While understanding DMARC records is crucial in shielding your emails from cyber threats, there’s much more to explore about DMARC’s role in email security. Dive deeper into this vital topic with our comprehensive guide, “What is DMARC?“. This guide offers in-depth knowledge, practical insights, and actionable strategies to fortify your email communications against sophisticated cyber threats. Don’t miss this opportunity to enhance your understanding and safeguard your digital interactions.

Try our 7 day free DMARC trial now

Sign Up Now

Join Our Topsec Newsletter Today

Sign up to get regular updates about email security

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

Topsec Cloud Solutions will use the information you provide on this form to be in touch with you and to provide updates and marketing.