Learn about DMARC, SPF, and DKIM

DMARC gets talked about like a single switch you flip for a domain.

In reality, most domains are a small ecosystem:

• the apex (example.com) where people type addresses and expect mail to "just work"
• a handful of subdomains used for actual sending (news.example.com, billing.example.com,...

It only takes one look at a real DMARC record to realize why people hesitate.

p, sp, pct, rua, ruf, fo, ri, rf...

It's not hard once it clicks. It's just that every tag looks equally important when you're new to it, and DNS is an unforgiving place to experiment.

This is a fiel...

If you've ever stared at a DMARC report thinking "but SPF is passing... why is DMARC failing?", you've already met identifier alignment.

Alignment is one of those things that sounds like an academic detail until it bites you in production. Then it becomes the entire story.

In DMARC terms, what...

Mistakes can happen.

An updated DKIM selector record may be missing a semicolon. Someone in a rush could mistype t...

In the previous steps of the 5-Stages DMARC Setup process we got to know more about the domain email traffic pattern...

Depending on the volume of emails you send, how old your domain is, and how much exposure it has, your DMARC reports...

The objective of this stage is to collect data so we get to know how email from the domain flows and, in parallel, m...

Planning and controlling the DMARC deployment process is crucial to avoid problems and questions down the road that...

Here is a brief overview of the DMARC setup process we will be covering in this post series:

The 5-Stages DMARC Se

DMARC is great. It allows you to publish your email sending policies, and those are used to prevent phishing emails using your domain. On top of that, it also provides reporting facilities that give you insights on your email delivery.

Implementing DMARC on new domains is straightforward. You just...