Get Started
Pick the path that best matches your goal. We have been there, we know that it can seems overwhelming at first to create the right DNS records for your business. A complete e-mail delivery setup can take a lot of time and effort. That's why we have created this guide to help you, understand the DMARC specification and how to implement it with your own configuration, independently of your ESPs.
Learn the basics
Understand DMARC and core concepts in minutes.
Read introductionImplement DMARC
Follow DNS specs and configure your policy safely.
View DNS guideTroubleshoot issues
Run a quick domain check and fix common problems.
Check my domainPopular Guides
Frequently referenced topics for quick wins. If you want to undestand what is DMARC, we think that the SPF and DKIM guides are a good starting point. These authentification tools are the foundation of DMARC policies.
Fundamentals Library
Ok, so I hear that you are ready to dig a little deeper. We have you covered. Our team have been handling records for years and we would like to share more insights with you. Remember that you are not alone, we are here to help our customers. Just open a ticket and we will be happy to help you.
DMARC Fundamentals: How Alignment, Policies, and Reports Protect Your Domain
DMARC builds on SPF and DKIM to stop exact‑domain spoofing with alignment, enforceable policies (none → quarantine → reject), and actionable reporting. Learn concepts, phased rollout, and frequent pitfalls.
DMARC DNS Record Reference: Tags, Syntax, and Validation (RFC 7489)
Deep technical reference to the DMARC TXT record: required and optional tags, alignment, subdomain policy, RUA/RUF, ABNF grammar, and validation rules. Includes DMARCbis updates and copy‑ready examples.
Why DMARC Was Created: Closing SPF/DKIM Gaps with Alignment and Enforcement
SPF checks paths. DKIM signs content. Neither binds to the visible From: nor enforces outcomes. DMARC fixes that with alignment, policies, and feedback—blocking brand impersonation at scale.
From Spam to BEC: A Practical History of Email Vulnerabilities
A timeline from SMTP’s trust‑based origins through open relays, spoofing, and modern phishing to today’s standards. Understand the attacks that drove SPF, DKIM, and ultimately DMARC.
SMTP Weaknesses and Open Relays: The Security Gaps Behind Spoofing
Explore SMTP’s core flaws—no sender auth, header forgery, command injection, and smuggling—and how open relays amplified abuse. The technical backdrop that makes DMARC essential.
SPF Explained: What It Solves, Where It Fails, and How It Fits DMARC
Understand SPF’s DNS‑based sender authorization, alignment gaps, forwarding pitfalls, and the 10‑lookup limit. Learn safe patterns, optimization strategies, and how SPF contributes to DMARC results.
DKIM Signatures: Cryptographic Trust, Blind Spots, and Role in DMARC
How DKIM signs messages with DNS‑published keys, what d=/s= mean, and where signatures fall short (header spoofing, alignment). Practical guidance on key sizes, rotation, selectors, and canonicalization.
MTA‑STS for SMTP: Enforcing TLS and MX Pinning to Stop Downgrades
Deploy MTA‑STS with a DNS id and HTTPS policy file to prevent STARTTLS downgrade and MX redirection. Modes, examples, TLSRPT reporting, and a safe rollout plan included.
BIMI: Show Your Brand Logo in the Inbox (Requirements, VMC, DNS)
BIMI displays your verified logo when DMARC is enforced. Learn prerequisites, SVG constraints, VMC certificates, and the TXT record format so major providers can render your brand mark.