Adding a DMARC entry with cPanel
What is DMARC?
A DMARC record stands for "Domain-based Message Authentication, Reporting & Conformance". It tells an email server what to do after checking the validity of a domain name's SPF and DKIM records.
DMARC is able to reduce the impact of phishing and malware attacks, prevent spoofing, and protect against brand misuse, fraud, and compromise of business email. The DMARC Analyzer Enables organizations to leverage DMARC and simplifies the DMARC deployment process.
How do I set up a DMARC entry in cPanel?
In this tutorial we will show you how to DMARC entries in cPanel to specify how mail servers should handle messages from your domain that do not have valid SPF and DKIM entries set up. Since the DMARC standard is used by many email providers (e.g. Gmail, Yahoo!, AOL, Hotmail, Outlook), it increases your chances of successful email delivery.
DMARC entries are displayed as TXT entries within cPanel set up. The steps are:
- Log me into the cPanel. If you don't remember how to log in to cPanel, we have created a tutorial for that as well. cPanel tutorial: How can I log in to the cPanel?
- Once you have arrived in cPanel, in the area click Domains to the option Zone Editor.
3. click next to the Domain namesfor which you want to add an entry, click on "Manage".
Click on the drop-down arrow next to the blue "Add entry" button and select "DMARC" Add entry.
Select a policy type for which a record is to be generated.
- If you have already selected a DMARC entry, click the Raw tab to enter your custom entry.
6. you can click Optional Parameters to further specify how your policy works. If you are not sure how to use them, you can simply leave them at their default values.
7. enter the DMARC entry in the "Entry/Text" field.
8. click Add record.
9. let 2-8 hours pass while the change spreads throughout the www.
What does it all mean?
v is equal to the protocol version
p Apply this policy to emails that fail the DMARC check. Can be "None", "Quarantine" or "Reject". "None" is used to collect the DMARC report and get an overview of the current email traffic and its status.
pct The percentage tag instructs ISPs to apply the DMARC policy only to a certain percentage of failed emails. "pct=50" instructs recipients to apply the "p=" policy only to 50% emails that fail the DMARC check. NOTE: This does not work for the "None" policy, only for the "Quarantine" or "Reject" policy.
rua A list of URIs to which ISPs can send XML responses. NOTE: This is not a list of E-mail addresses. DMARC requires a list of URIs in the form "mailto:firstname.lastname@example.org".
There are a few advanced options that are not included in this simplified example.
call A list of URIs to which ISPs can send forensic reports. NOTE: This is not a list of email addresses. DMARC requires a list of URIs in the form "mailto:email@example.com".
sp This policy should be applied to emails originating from a subdomain of this domain that has not passed the DMARC check. This tag allows domain owners to publish a wildcard policy for all subdomains.
adkim Specifies the alignment mode for DKIM signatures, which can be either "r" (Relaxed) or "s" (Strict). In Relaxed mode, authenticated DKIM signature domains (d=) that share an organization domain with a 'From' domain will also pass the DMARC check. In Strict mode, an exact match is required.
aspf Specifies the "Alignment Mode" for SPF, which can be either "r" (Relaxed) or "s" (Strict). In Relaxed mode, authenticated SPF domains that share an organization domain with a 'From' domain will also pass the DMARC check. In Strict mode, an exact match is required.
If you have any questions or need assistance in creating a DMARC record, please contact our 24/7 support. We will be happy to help you.
Web hosting from Grisons
Switch to ORC Webhosting now. Fast, carbon neutral web hosting with lifetime price guarantee!