Email authentication

How to start with DMARC in 5 steps

Time needed: 2 minutes.

Deploying DMARC can be a difficult process. DMARC Analyzer provides a SaaS solution which empowers organisations to easily manage complex DMARC deployment. In this article you will learn how to deploy DMARC in 5 easy steps.

  1. Identify all the domains of your organisation

    Investigating all your organisation owned domains is the first step of your DMARC deployment project. Identify all domains that sent email on behalf of your company, both active and parked (inactive) domains. Do not forget the parked (inactive) domains you own. You might not sent email with your parked (inactive) domains however someone might abuse the domain.

  2. Add all identified domains on your domains dashboard

    Next step is to add all the domains you identified in the previous step into your account. When you log in on go to “DNS Records” → “Add domain(s)”. Here you can add your domains. Once again, do not forget to add your parked (inactive) domains.

  3. Generate a DMARC record

    Next step is to generate a DMARC record for your domains. The core of a DMARC implementation is your DMARC record. This is easy to setup and necessary in order to use DMARC Analyzer. When you log in on go to “DNS Records” → “DMARC setup wizard” to generate your DMARC record. Please refer to the following article How to create a DMARC record for more information on how to create a DMARC record.

  4. Publish the generated DMARC record into your DNS

    Next step is to publish the DMARC record, which has been created in the previous step, into your DNS. DMARC records must be published into the DNS. You can do this yourself or you can ask your DNS provider if they can place the relevant DMARC record.

  5. Analyze your DMARC data

    Congratulations, you will now collect detailed DMARC reports in your account. Note that it can take up to 72 hours before you will see DMARC data in your account. With these DMARC reports you will gain insight in your email channel(s), Use this data to better understand your mail streams. The DMARC reports help you ensure your outbound mail sources are authenticating properly. You can now see if there are ongoing attacks on your domain(s). Ensure that the various IPs sending email claiming to come from your domain are indeed legitimate, configure them properly with DKIM or add them to their SPF range.

Doing all above means you are in the ‘Governance’ fase. Please refer to the following article 5 steps to a DMARC reject policy for more information about all stages within a DMARC deployment project.