HomeBlogDMARC ComplianceEmailGsuiteGSuite – Easy guide to add DMARC

GSuite – Easy guide to add DMARC

Gmail supports the email authentication protocol called DMARC (Domain-based Message Authentication, Reporting, and Conformance). This protocol prevents spammers from illegitimately using your email domain and sending email with a “From” address that makes email appear to come from someone in your domain.

The impact of spammers illegitimately using your domain to send spam or junk email negatively affects your domain quality and domain reputation. People who get the forged emails can mark them as spam or junk, which can impact authentic messages sent from your domain.

The complete Gmail guide is listed here – Manage suspicious emails with DMARC

DMARC can be called an umbrella protocol as it supports the other email authentication mechanisms of SPF and DKIM. In fact, DMARC is said to correct a number of flaws with those mechanisms.

SPF and DKIM are not prerequisites for implementing DMARC initially, however they would be required before moving to stricter enforcement policy of quarantine or reject. See our SPF guide – Starting your SPF journey ? Add DMARC for greater success !

The other key area to remember is reporting. By creating a DMARC record, you are asking the internet to send you reports that identify when your domain or subdomain is used on the internet – both fake/malicious usage or legit. The volume of these reports will be in the hundreds or even thousands per week and they are in XML format, making them difficult to read and understand. Hence we advocate the use of a DMARC dashboard.

Step 1

Create DMARC record and add it to a subdomain of your domain in the format _dmarc.yourdomain.com (remember the underscore in the front)

There are a number of options to create the record :

  1. Use the Gmail guide and create the DMARC record with all the tags – medium level technical expertise is required and all email is sent to your designated inbox
  2. Use a DMARC Record Wizard to generate the record – basic technical expertise required and all email is sent to your designated inbox.
  3. Register for a trial on the dmarc dashboard – very low technical expertise required – a DMARC record is automatically created, guides advise you how to place it in your domain’s DNS and reports will be sent to the dmarc dashboard for easier interpretation.

Step 2

You still need a DMARC dashboard to interpret the XML reports, specifically if you used items 1 and 2 from Step 1 above.

Reports should be appearing within afew days of creating the DMARC record in your domain’s DNS.

Step 3

There isn’t any !! I did say it was simple !

Review the results.


One thought on “GSuite – Easy guide to add DMARC

Comments are closed.