✉️ Do your emails end up in the SPAM folder?
DMARC might be the answer to your questions. It’s a good thing we’re talking about it today!
DMARC is an acronym for Domain_based Message Authentication, Reporting & Conformance.
It is part of the famous triptych: SPF / DKIM / DMARC: these security protocols that you can configure via DNS entries for your domain.
As you know, cybercriminals send billions of emails a day. In order to gain your trust, they may try to forge the address in the “From” field of an email. The email will then appear to come from the spoofed organization or domain.
This is where DMARC comes in.
DMARC is a standard email authentication method.
This protocol allows email administrators to:
- Define policies to indicate how unauthenticated messages should be handled, for example by blocking them or marking them as spam. If you are doing mailings, it is therefore recommended today to set up DMARC to ensure better deliverability.
- Prevent hackers from impersonating your organization and domain.
- Receive reports on messages that try to pretend to be official company messages when they are actually fake.
You can refer to the Google documentation dedicated to DMARC by clicking here.
How to audit the authentication of your emails ?
To fine-tune and understand all the features of DMARC is a specialist job. However, you can audit the authentication of your emails for free and instantly via the sites :
If you want to set up DMARC yourself at a minimum, for example to hope to gain in deliverability, here are the steps to follow :
- Log into the admin area of your email host (Google Workspace, Microsoft 365, OVH…)
- Go to the zone related to DNS records
- Add a TXT record with the following value: v=DMARC1; p=none;rua=mailto:XXXXX) and replace XXXXX by the email of the admin of your organization.