TXT TXT Record — DMARC

DMARC is published as a TXT record at _dmarc.example.com. Learn every tag, the rollout path from none to reject, and how to set up aggregate reports.

Record Type
TXT
Category
Authentication (TXT)
RFC
RFC 7489
Email Relevant
Yes
Format
TXT "v=DMARC1; p=<policy>; rua=mailto:<address>"
Example
TXT "v=DMARC1; p=reject; rua=mailto:[email protected]; adkim=s; aspf=s"
TTL Guidance
3600 s; lower during initial rollout (p=none phase)

💬 What This Record Does

DMARC (Domain-based Message Authentication, Reporting, and Conformance) ties together SPF and DKIM. It is published as a TXT record at _dmarc.example.com and tells receiving servers what to do with messages that fail SPF or DKIM alignment: nothing (p=none), quarantine them (p=quarantine), or reject them outright (p=reject). DMARC also enables aggregate (rua) and forensic (ruf) reports so you can see who is sending from your domain.

Common Uses

  • Protecting your domain from impersonation and phishing
  • Receiving aggregate reports (RUA) to audit your email streams
  • Progressing from p=none (monitoring) to p=quarantine to p=reject as confidence grows

⚠️ Watch Out For

  • DMARC checks alignment — the SPF or DKIM domain must match the From: header domain.
  • Jump straight to p=reject without monitoring and you may accidentally block legitimate email.
  • The rua address on an external domain (e.g., reports go to a different domain) requires a DNS verification record on that domain.

🔧 Related Tools

DMARC Analyser → DMARC Builder → DMARC Tags Ref →

📚 References

RFC 7489 — DMARC DMARC Tags Reference

🔗 Related Record Types

TXT
TXT Record — SPF
 TXT
TXT Record — DKIM
 TXT
TXT Record — BIMI
← All DNS Record Types