FREE TOOL
Generate DMARC policies and DNS records for email authentication. Create comprehensive protection with step-by-step configuration.
Receive daily DMARC aggregate reports. Separate multiple emails with commas.
Receive detailed reports for failed emails. Note: Not all providers send forensic reports.
Validate existing DMARC policies and email authentication.
Create SPF records for email server authorization.
Generate DKIM keys and DNS records for email signing.
Complete domain authentication and deliverability analysis.
Test email content for potential spam triggers.
Calculate optimal mailbox setup for email campaigns.
DMARC record generation requires careful consideration of your email ecosystem. Start with monitoring policies and gradually increase enforcement as you gain visibility into your legitimate email sources.
1. Start with p=none
Monitor email authentication without affecting delivery.
2. Analyze reports
Review aggregate reports to identify legitimate senders.
3. Move to quarantine
Send failing emails to spam folder for review.
4. Enforce with reject
Block unauthorized emails completely for maximum protection.
Policy (p=)
Defines action for emails failing authentication checks.
Aggregate reports (rua=)
Daily XML reports showing authentication statistics.
Percentage (pct=)
Controls rollout speed for policy enforcement.
Alignment modes
Determines strictness of SPF and DKIM domain matching.
A DMARC record is a DNS TXT record that tells email receivers what to do if an email fails SPF or DKIM authentication. It also specifies where to send reports about authentication results.
Start with 'p=none' (monitoring mode) to collect data without affecting email delivery. Once you've verified your legitimate email sources, move to 'p=quarantine' (send failures to spam), and finally 'p=reject' (block failures) for maximum security.
RUA (Aggregate) reports provide a daily summary of email traffic and authentication results. RUF (Forensic) reports provide detailed information about individual authentication failures. We recommend always setting up RUA reports.
Copy the generated TXT record and add it to your domain's DNS settings. The host/name should be '_dmarc' (or '_dmarc.yourdomain.com' depending on your provider) and the value is the record starting with 'v=DMARC1'.
InboxKit provides automated DMARC deployment with monitoring and expert support
