Skip to content
English
  • There are no suggestions because the search field is empty.

DMARC for enhanced email security

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that helps prevent email spoofing and phishing. If you're sending from a custom domain, setting up a DMARC policy is important for protecting your brand and ensuring your emails reach subscribers' inboxes.

What DMARC does

DMARC builds on SPF and DKIM to verify that emails claiming to come from your domain are actually authorized by you. It also tells receiving mail servers what to do if a message fails authentication — quarantine it, reject it, or let it through.

Who needs DMARC?

If you send from a custom domain, DMARC is strongly recommended. Google and Yahoo now require DMARC compliance for bulk email senders (anyone sending more than 5,000 messages per day). Even if you're below that threshold, having DMARC in place protects your domain reputation.

What rasa.io handles vs. what you handle

  • SPF — rasa.io handles this as part of domain authentication
  • DKIM — rasa.io handles this as part of domain authentication
  • DMARC — this is your responsibility to set up on your domain
  • One-click unsubscribe — rasa.io handles this automatically

See How to authenticate your domain for the full domain setup process.

Setting up DMARC

DMARC is configured as a DNS TXT record on your domain. A basic policy looks like this:

v=DMARC1; p=none; rua=mailto:youremail@yourdomain.com

Start with p=none (monitor mode) to see reports without affecting delivery, then move to p=quarantine or p=reject once you're confident everything is properly authenticated.

For a step-by-step guide, your domain registrar or IT team can help. If you need assistance, contact support@rasa.io.