DMARC

DMARC (Domain-based Message Authentication, Reporting and Conformance) is a DNS policy that tells receiving servers what to do with email that fails SPF and DKIM, and where to send reports about it.

In depth

DMARC builds on SPF and DKIM by adding alignment (the authenticated domain must match the visible From domain) and an enforcement policy: none (monitor only), quarantine (send to spam) or reject (block outright). It also returns aggregate reports so you can see who is sending as your domain. Since February 2024, Google and Yahoo require a DMARC record for bulk senders (roughly 5,000+ messages a day), making it effectively mandatory.

Example

A record like v=DMARC1; p=reject; rua=mailto:dmarc@example.com tells receivers to block unauthenticated mail and email aggregate reports to that address.

Related terms

See our full email marketing glossary or the complete email marketing guide.