Infrastructure

DMARC (Domain-based Message Authentication)

A protocol that tells receiving servers what to do when SPF or DKIM checks fail for your domain.

DMARC builds on SPF and DKIM by adding a policy layer. It tells receiving mail servers what to do when an email fails authentication — and provides reporting so you can monitor your domain's email traffic.

DMARC policies:

  • p=none: Monitor only (take no action on failures)
  • p=quarantine: Send failing emails to spam
  • p=reject: Block failing emails entirely

Example DMARC record: v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com; pct=100

Best practice implementation path: 1. Start with p=none to monitor 2. Review DMARC reports for legitimate senders 3. Add those senders to your SPF record 4. Move to p=quarantine, then p=reject

Google and Yahoo now require DMARC for bulk senders (5,000+ emails/day).

Related Terms

SPF (Sender Policy Framework)

A DNS record that specifies which mail servers are authorized to send email on behalf of your domain.

DKIM (DomainKeys Identified Mail)

A cryptographic email authentication method that verifies an email was sent by an authorized server and wasn't altered in transit.

Sender Reputation

A score assigned by ISPs to your email sending domain/IP that determines whether your emails reach the inbox.

Related Blog Posts

Email Deliverability Guide: How to Land in the Inbox

14 min read

Want to learn more?

Read our in-depth blog posts on email verification and deliverability.

Visit Blog

Protect your sender reputation

Verify your email list with our 27-stage engine. Start with 100 free credits.