{"id":6471,"date":"2023-07-12T20:23:00","date_gmt":"2023-07-12T20:23:00","guid":{"rendered":"https:\/\/www.smarthost.au\/blog\/?p=6471"},"modified":"2024-06-18T12:33:37","modified_gmt":"2024-06-18T12:33:37","slug":"what-is-dmarc-and-why-should-you-have-it","status":"publish","type":"post","link":"https:\/\/www.smarthost.au\/blog\/what-is-dmarc-and-why-should-you-have-it","title":{"rendered":"What is DMARC and why should you have it?"},"content":{"rendered":"\n

SPF and DKIM are the two most popular phishing protections. To increase security, protection can be extended with the DMARC mechanism.<\/strong><\/h2>\n\n\n\n

Domain-based Message Authentication (DMARC) is a mechanism that defines how the mail server should behave when it receives a message that doesn’t pass verification using SPF and DKIM. So in less technical terms. If a message is classified as spam – this mechanism allows you to create a policy on what should happen with such a message. We can define whether such a message is to be quarantined or deleted.<\/p>\n\n\n\n

How to implement the DMARC mechanism?<\/strong><\/h2>\n\n\n\n

SPF and DKIM mechanisms are already set on our hosting by default, however, in order to set the DMARC mechanism, both protections must be active. To create a DMARC record, log in to cPanel and then go to “Zone Editor”.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Then select the domain you are interested in and select “Manage”<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

The next step is to add a DMARC record.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Here we can choose one of the defined policies:<\/p>\n\n\n\n

None <\/strong>– no policy is selected,
Quarantine <\/strong>– the message is marked as spam,
Reject <\/strong>– the message is rejected by the server.<\/p>\n\n\n\n

It is also possible to define optional parameters. Below is a description of what each of them does.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Subdomain Policy<\/strong> – here you set the policy for subdomains.<\/p>\n\n\n\n

DKIM and SPF Mode:<\/strong>
Relaxed<\/strong> – not all messages are checked for errors.
Strict<\/strong> – all messages are verified.<\/p>\n\n\n\n

Percentage<\/strong> – here we define what percentage of messages should be checked by the server.<\/p>\n\n\n\n

Generate Failure Reports When:<\/strong>
All Checks Fail<\/strong> – all checks fail.
Any Check Fails<\/strong> – any check fails.<\/p>\n\n\n\n

Report Format<\/strong> – the format in which the report is to be generated.<\/p>\n\n\n\n

Report Interval<\/strong> – time between reports expressed in seconds.
Send Aggregate Mail Reports To<\/strong> – send aggregate reports to (enter the e-mail address in this field).
Send Failure Reports To<\/strong> – send failure reports to (enter an e-mail address in this field).<\/p>\n\n\n\n

Recommended settings<\/strong><\/h2>\n\n\n\n

Below are the recommended settings for a DMARC record:<\/p>\n\n\n\n

Policy <\/strong>– Quarantine,<\/p>\n\n\n\n

Subdomain Policy<\/strong> – Quarantine,<\/p>\n\n\n\n

DKIM and SPF Mode:<\/strong>
strict<\/strong>,<\/p>\n\n\n\n

Percentage<\/strong> – 100,<\/p>\n\n\n\n

Generate Failure Reports When<\/strong>: Any Check Fails,<\/p>\n\n\n\n

Report Format<\/strong> – AFRF,<\/p>\n\n\n\n

Report Interval<\/strong> – 86400,
Send Aggregate Mail Reports To<\/strong> – here we enter the e-mail address to which the reports are to be sent,
Send Failure Reports To<\/strong> – leave blank.<\/p>\n\n\n\n

\"\"<\/figure>\n","protected":false},"excerpt":{"rendered":"

SPF and DKIM are the two most popular phishing protections. To increase security, protection can be extended with the DMARC mechanism. Domain-based Message Authentication (DMARC) is a mechanism that defines how the mail server shouldContinue reading<\/a><\/p>\n","protected":false},"author":16,"featured_media":6477,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-6471","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts\/6471","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/users\/16"}],"replies":[{"embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/comments?post=6471"}],"version-history":[{"count":1,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts\/6471\/revisions"}],"predecessor-version":[{"id":6478,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/posts\/6471\/revisions\/6478"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/media\/6477"}],"wp:attachment":[{"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/media?parent=6471"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/categories?post=6471"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.smarthost.au\/blog\/wp-json\/wp\/v2\/tags?post=6471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}