Set up DMARC for your business
Move from none to quarantine with a policy that protects your domain from spoofing without breaking legitimate mail.
What DMARC actually does
DMARC tells receiving servers what to do when SPF or DKIM fail — monitor, quarantine or reject. It also sends reports so you can see who is sending email using your domain name.
Start with monitoring
Publish a TXT record at _dmarc.yourdomain.com with v=DMARC1; p=none; rua=mailto:reports@yourdomain.com. Run in monitoring mode until you understand your legitimate senders and fix SPF/DKIM gaps.
Tighten the policy
Once Microsoft 365, your website forms and marketing tools all authenticate correctly, move to p=quarantine and eventually p=reject. Change one step at a time and watch the aggregate reports for surprises.
Try it now
Run the related tools
Need a hand?
Run the tools. Then talk to us.
Use our free diagnostics to see what is wrong, then get Melbourne IT support for the fix.
Keep reading
More guides
Fix SPF for Microsoft 365
Stop legitimate email bouncing or landing in spam by getting your SPF record right for Microsoft 365.
- Why SPF matters
- The Microsoft 365 include
Email security best practices
Reduce phishing, spoofing and invoice fraud with authentication, filtering, and habits your team can maintain.
- Authenticate your domain
- Filter before the inbox