DMARC Policy Wizard

Easiest way to create proper DMARC policy!

DMARC policy creation wizard

Once you generated your DMARC record, you need to add it to your DNS zone on your sender domain. This will allow other servers to see it and use the instructions configured. Please go to your domain hosting panel and access a DNS Zone management. Each Domain Provider has its own way of customizing the DNS zone. If you do not know where it is located, please check your hosting provider's documentation or contact hosting support.

Which domain you will protect?

DMARC allows different you to apply different 'policies' to email that appears non aligned with your domain. Policy determines what recipient server must do when incoming mail will fail SPF and DKIM authentication.
This is most important aspect of DMARC entry.

Learn More!
Learn More!
Learn More!

What percentage of emails should be analyzed?

DMARC allows users to slowly ramp their policy by allowing users to apply the given DMARC policy to a specific percentage of email flows. If you specify a percent other than 100, your DMARC policy will only be applied to the given percentage of your messages.

How strictly DMARC should check SPF and DKIM entries?

This setting configures how strict recipient server should be while checking a SPF and a DKIM authentication of an email. Relaxed mode will accept authentication even if the email is sent from subdomain. Strict mode accepts authentication only when sender domain matches exactly with a SPF / DKIM domain.

Learn More!
Learn More!

Reports are critical to establishing and maintaining accurate authentication deployments. The information includes data about messages that passed DMARC authentication as well as those that did not.

Learn More!
Learn More!

Why is DMARC important?

With the rise of the social Internet and the ubiquity of e-commerce, spammers and phishers have a tremendous financial incentive to compromise user accounts, enabling theft of passwords, bank accounts, credit cards, and more. Email is easy to spoof and criminals have found spoofing to be a proven way to exploit user trust of well-known brands. Simply inserting the logo of a well known brand into an email gives it instant legitimacy with many users.

When DMARC pass?

To pass DMARC, a message must pass SPF authentication and SPF alignment and/or DKIM authentication and DKIM alignment.

What is an Organizational Domain?

The Organizational Domain is found by checking a list of public DNS suffixes, and adding the next DNS label. So, for example, "a.b.c.d.example.com.au" and "example.com.au" have the same Organizational Domain, because there is a registrar that offers names in ".com.au" to customers.
Albeit at the time of DMARC spec there was an IETF working group on domain boundaries, nowadays the organizational domain can only be derived from the Public Suffix List.

Keep the service free