Secure Your Domain and Improve Email Deliverability

Trusted by 87,000+ Businesses

Protect Your Domain from Email Spoofing with a Valid DMARC Record

Without a properly configured DMARC record, your domain is vulnerable to email spoofing. Attackers can impersonate your domain, tricking recipients into trusting malicious emails. A valid DMARC record helps prevent this.

With Smartlead’s DMARC record generator, you can create a DMARC record and configure your domain for better email authentication

SPF Record Generator

Ensure you send emails only through your authorized servers and reduce spoofing risks while improving deliverability.

Generate SPF Record Now

DKIM Record generator

Check if DKIM records are set up correctly for your domain. Ensure your email authentication policies protect your domain.

Get DKIM Record

How to Generate Your DMARC Record in a Few Simple Steps

Step 1

Enter Your Domain

Start by typing your domain name (e.g., example.com) into the provided field.

Step 2

Select Your DMARC Policy

Choose your preferred DMARC policy:

None: No action will be taken on emails that fail DMARC checks. This is useful for monitoring without enforcing a policy.
Quarantine: Emails that fail DMARC checks will be marked as suspicious and sent to the spam folder.
Reject: Emails that fail DMARC checks will be outright rejected by receiving servers, preventing them from entering the inbox.

Step 3

Add an Aggregate Email (RUA)

This is optional, but if you’d like to receive aggregated reports of your DMARC performance, enter an email address where these reports should be sent.

Step 4

Choose the Report Format

Select afrf (Aggregated Feedback Report Format) to standardize your report format and ensure that you receive the correct data on your email’s performance.

Step 5

Set the Reporting Percentage

Decide the percentage of emails that should be subject to DMARC. Start with 100% for full enforcement or adjust based on your needs.

Step 6

Configure SPF and DKIM Alignment

Set the alignment mode for SPF and DKIM:

Relaxed: Allows for a looser alignment where only the domain’s root matches.
Strict: Requires the full domain to match, offering more security.

Step 7

Enter a Forensic Email (RUF)

If you’d like to receive detailed forensic reports about emails that fail DMARC checks, provide your email address to receive them.

Step 8

Set the Reporting Interval

Choose how often you want to receive DMARC reports. By default, the interval is set to 86400 seconds (1 day), which is typically sufficient for most users.

Step 9

Click “Generate”

After filling in the necessary fields, click the Generate button. Smartlead will create your DMARC record, which you can then copy and add to your domain’s DNS settings.

What is DMARC and Why Does It Matter?

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an essential email authentication protocol that works alongside SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to prevent email spoofing and improve email deliverability.

By publishing a DMARC record in your domain’s DNS, you enable email providers like Gmail, Yahoo, and Outlook to verify that the emails sent from your domain are legitimate.

When a DMARC policy is in place, it tells receiving mail servers how to handle emails that fail authentication checks. Depending on the policy you set, emails may either be quarantined, rejected, or simply monitored (with no action taken).

Why DMARC Matters:

Strengthens Email Security: By enforcing authentication checks, DMARC helps protect your domain from being exploited for phishing attacks, which are designed to trick recipients into disclosing sensitive information.
Improves Email Deliverability: With DMARC, inbox providers are more likely to trust your emails, reducing the chances of your messages being flagged as spam.
Protects Against Email Spoofing: DMARC ensures that only authorized senders can use your domain to send emails, helping to prevent malicious actors from impersonating your brand.

Real-World Scenarios Where DMARC Validation is Essential

1. Protect Your Customers from Phishing Attacks

Imagine a malicious actor impersonating your brand and sending fraudulent emails to your customers. DMARC validation ensures that only authorized emails from your domain reach your audience, protecting your customers from phishing scams and maintaining their trust.

2. Safeguard Your Marketing Campaigns

When sending high-volume marketing emails, you need to ensure they reach the inbox — not the spam folder. DMARC helps improve email deliverability, ensuring your carefully crafted campaigns aren’t blocked or flagged by inbox providers like Gmail and Outlook.

3. Maintain Your Domain’s Reputation

Your domain’s reputation is everything. A domain with no DMARC policy is an easy target for attackers, which can harm your brand image. By implementing DMARC and setting a strict policy, you stop unauthorized senders in their tracks, safeguarding your domain’s reputation and your email’s integrity.

4. Monitor Who’s Sending Emails on Your Behalf

You might use third-party services for sending emails (like email marketing platforms or customer support systems). With DMARC reports, you gain insight into which senders are authorized and which are not. This helps you identify unauthorized users and ensure that only trusted services are sending emails under your domain.

5. Protect Your Transactional Emails

Emails such as order confirmations, receipts, and password resets are critical for customer experience. If these emails are marked as spam or rejected, it can cause frustration for your users. DMARC validation ensures these essential communications are delivered securely and don’t get flagged by inbox providers.

6. Comply with Industry Standards and Regulations

In industries like finance, healthcare, or e-commerce, email security is not just a best practice; it’s a requirement. DMARC helps you meet email authentication standards and ensures compliance with regulations that mandate secure communication, preventing any legal or reputational fallout.

What Our Customers Say

I can upload hundreds of email accounts, send thousands of cold emails per day, and still have an organized master inbox. This is unseen with any other tool on the market today. I looked...

Mykyta

CEO, Yell Cut

4.5

I've personally built a sales engagement platform similar to Smartlead, and I am genuinely blown away by the scalability, functionality and more. We're a B2B Lead Gen Agency, and we primarily use cold email to generate leads for our clients. We're on track to double our best month in terms of client results.

Nick A.

Founder, Leadbird.io

4.5

Smartlead is an innovative cold email platform that helps me reach out to potential clients. There are easy-to-use templates, powerful automation tools, and intuitive analytics for email warming and campaign analytics. It provides me with everything I need to maximize my cold email campaigns.

Reggie B.

Sales Director - Financial Institution Solutions Saggezza, Inc.

4.5

Smartlead is an absolute game-changer! With its exceptional features and support from the Smartlead team, I've experienced remarkable success. The customizable platform and cost-effective pricing have revolutionized our cold emailing game. I would rate it 10 out of 10 for satisfaction. A must-have tool for any B2B agency!

Romain Osman

Co-Founder, Five Element

4.5

Innovative, reliable, and Suitable For Technical and Non-Technical Users. SmartLead's ability to help me land in the primary inbox and automate the laborious parts of my workflow is brilliant. The customer support is incredibly good, I've had some great feedback on my cold email campaigns.

Ryane Tully

Co-founder, Pitchlane

4.5

Hands down the best cold email software. Smartlead is amazing, this is the best tool if you want to cold email at scale and land in the inbox. The team is super responsive with great support. While there is a learning curve to cold email, they really built a great foundation to make it as simple as possible. I am sending over 2k emails a day!!! absolute game changer for my business.

Eden Einav

Account Executive, B.I.G. Charity Law Group Professional Corporation

4.5

Intuitive. Game-Changing. POWERFUL. Analytics, spintax, A/B testing, quick personalization. This is a game changer if you send cold email campaign. Grateful to this team for building a product that has changed our day to day. 🚀

David Borman

Senior Account Executive, Key Outreach

4.5

The best outbound email marketing software. Customer support - they are so responsive and helpful Features - you can add multiple email domains to the same account.

Bojan Najdov

Founder, Lambda Group

4.5

Smartlead has been extremely helpful with seamlessly onboarding clients, warming up their accounts, and prepping campaigns to send at high volumes while maintaining high deliverability. There are multiple features that allow me to track performance over time and understand when it is time for me to make adjustments, and Vaibhav is constantly making improvements/upgrades to the platform which gives me all the more faith in the future of this great tool.

Dino Knezovic

Founder, Office Optim

4.5

Smartlead is absolutely amazing! The software is easy to understand I am not a techie but directly understand everything and if you really have a question the team always helps instantly. Additionally I love all the features. Like I said for me as a lead generation agency the software gives me everything I need and much more.

Johannes Fessler

CEO, Rock Solid Lead Generation

4.5

Terrific platform for agencies. The platform is intuitive and makes it easy to manage multiple client accounts. I love the email warmup feature, the sub-accounts, and the branded client portal. Deliverability and analytics are solid. Great customer support.

Kris Sharma

Founder, Webinar Dude

4.5

Total game changer for cold outreach. Packed with features: Spintax, Rotating Inboxes, AI Email Categorization, Subsequences, Tagging, and Whitelabeling. Their team is SUPER responsive and implements changes quickly, and it is the most reliable cold email tool I've ever used.

Matthew Lucero

Founder, Anevo Marketing

4.5

Best Cold Email Marketing Tool for individuals as well as agencies. Smartlead has simplified email marketing to another infinity. With their domain rotation, email warmups and unified inbox, this is an absolute gamechanger in the industry right now. With such an affordable pricepoint, they really offer you the best bang for the buck and superseeds any email automation tool in the market like salesloft/outreach or reply. Vaibhav is more than just an amazing guy, who is super helpful and approachable. This tool would guarenteed be the next best thing in the market and the best part is they never stop innovating. Complete no brainer to opt for this against any other tool that you are using for email outreach at the current moment. Trust me you wouldn't be disappointed. Review collected by and hosted on G2.com.

Abhishek Basu

Account Executive, Leadzilla

4.5

Best cold email tool in the game. Most user friendly cold email tool I've used to date. Super easy to set up, love the bulk upload feature to add multiple domains at once and support is impeccable. They respond so fast it's unreal. Review collected by and hosted on G2.com.

Serdar Tufan

Owner, FunnelVision

4.5

I just ended my 2 year search for the right cold emailing platform with Smartlead. A stand alone tool for cold emailing unlike anything else in the market. And it looks like they're only getting started. Now I can finally train my VAs on just one platform instead of bouncing between several like they used to for different things.

Cliff Coelho

Owner, Storydriven.video

4.5

Best cold outbound email software out there. Everything, is fast, reliable, scalable, you can also white-label, amazing analytics and never breaks like other similar competitors. Never once I went in spam in the last 4 months of using it.

Arnold Koci

CEO, Acquisizioneclienti.it

4.5

Romain Osman

Co-Founder, Five Element

4.5

Our campaigns weren't just about reaching out, but reaching out right, and Smartlead helped us achieve this. It has added immense value to our business by prioritizing email deliverability and customer needs. I would rate it a 9 out of 10

Lucas Maliczak

Outbound Lead & Partner, Peakora

4.5

Smartlead is simply amazing. They constantly improve their product and bring new features that make the cold email software even more complete. If you're a big automation enthusiast like me, there are no other cold email tools on the market that allow you to 100% automate your business as Smartlead does.

René-Karl Lambert

Founder, WindGrowth

4.5

David Borman

Senior Account Executive, Key Outreach

4.5

The best outbound email marketing software. Customer support - they are so responsive and helpful Features - you can add multiple email domains to the same account.

Bojan Najdov

Founder, Lambda Group

4.5

Dino Knezovic

Founder, Office Optim

4.5

Johannes Fessler

CEO, Rock Solid Lead Generation

4.5

Kris Sharma

Founder, Webinar Dude

4.5

Matthew Lucero

Founder, Anevo Marketing

4.5

Abhishek Basu

Account Executive, Leadzilla

4.5

Serdar Tufan

Owner, FunnelVision

4.5

Cliff Coelho

Owner, Storydriven.video

4.5

Arnold Koci

CEO, Acquisizioneclienti.it

4.5

Romain Osman

Co-Founder, Five Element

4.5

Lucas Maliczak

Outbound Lead & Partner, Peakora

4.5

René-Karl Lambert

Founder, WindGrowth

4.5

Matthew Lucero

Founder, Anevo Marketing

4.5

Abhishek Basu

Account Executive, Leadzilla

4.5

Serdar Tufan

Owner, FunnelVision

4.5

Cliff Coelho

Owner, Storydriven.video

4.5

Arnold Koci

CEO, Acquisizioneclienti.it

4.5

Romain Osman

Co-Founder, Five Element

4.5

Lucas Maliczak

Outbound Lead & Partner, Peakora

4.5

René-Karl Lambert

Founder, WindGrowth

4.5

Frequently Asked Questions

Still Have Questions ?

Why Do I Need a DMARC Record?

A DMARC record helps protect your domain from being used in email spoofing and phishing attacks. It provides you with reports on email activities, allowing you to monitor and improve your email authentication practices.

How Do I Generate a DMARC Record Using This Tool?

Simply submit your domain or subdomain in the tool.
Our DMARC Record Generator will guide you through a quick and advanced setup to create your DMARC record.

Fill in the required fields, click "Generate DMARC," and your record will be ready.

What Are The Required Tags for a DMARC Record?

The essential tags for a DMARC record are:

v: Version tag, which must be "DMARC1".
p: DMARC policy, which can be "none," "quarantine," or "reject".

Can I Receive Reports on Email Activities with DMARC?

Yes, by including the `rua` and `ruf` tags in your DMARC record, you can receive aggregate and forensic reports on email activities. These reports help you understand your email flows and authentication status.

What Does the 'p' Tag Do?

The `p` tag specifies the DMARC policy for your domain.
The values can be:

none: Takes no action against non-authenticated emails.

quarantine: Marks failed emails as suspicious.
‍
reject: Blocks failed emails from being delivered.

How Do I Set The Percentage Of Emails Affected By DMARC Policies?

You can use the `pct` tag to specify the percentage of failed emails that the DMARC policy should apply to. For example, `pct=70` means the policy applies to 70% of failed emails.

How Often Will I Receive DMARC Reports?

The `ri` tag determines the reporting interval in seconds. The default is 86400 seconds (once a day). However, the actual frequency may vary depending on the ISPs.

What Happens If My DMARC Record Is Incorrect?

If your DMARC record has errors or is missing required tags, it will be ignored. Ensure that the `v` tag is set to "DMARC1" and that the `p` tag is properly configured.

Can I Set Different Policies For Subdomains?

Yes, you can use the `sp` tag to set specific DMARC policies for subdomains. If the `sp` tag is not set, subdomains will inherit the main domain policy. Feel free to reach out to our customer support team for any query or concern.

What is DMARC Domain Alignment?

DMARC domain alignment ensures that the domain used in SPF and DKIM matches or aligns with the domain in the email’s From header. It can be strict or relaxed based on adkim (DKIM alignment) and aspf (SPF alignment) settings. When you generate DMARC record, these settings help ensure that only authorized emails are processed, enhancing email security.

How Does DMARC Work With Subdomains?

DMARC policies apply to subdomains based on the sp (subdomain policy) tag. By default, subdomains inherit the main domain’s DMARC policy. To customize this, use a DMARC policy generator to specify different rules for subdomains if needed. When you build DMARC record, ensuring proper subdomain policy settings helps manage email security across all related domains.

Can I Add DMARC Record Without SPF or DKIM?

No, you cannot effectively implement DMARC without SPF or DKIM. DMARC relies on these authentication methods to function. If you want to create a DMARC record, ensure SPF and DKIM are set up first. Use a DMARC record creator or DMARC generator tool to integrate these elements properly for complete email protection.

Why Did My DMARC Record Checks Fail?

DMARC record checks can fail due to syntax errors, incorrect policies, or misconfigured SPF/DKIM settings. Ensure your DMARC record is correctly formatted and aligns with your SPF and DKIM settings. Utilize a DMARC TXT record generator to verify and correct any issues. Properly configuring your DMARC setup using a DMARC policy generator will help resolve these failures.

Does DMARC Impact Legitimate Email Delivery?

Yes, if misconfigured, DMARC can affect legitimate email delivery by inadvertently marking valid emails as suspicious or rejecting them. To avoid this, carefully generate DMARC record settings and test configurations. Utilise a DMARC TXT record generator to create a record that balances security with deliverability, and regularly review reports to fine-tune your settings. Proper setup with a DMARC policy generator helps minimize disruption to legitimate emails.

Can DMARC Be Spoofed?

DMARC itself cannot be spoofed if properly implemented, as it relies on SPF and DKIM for authentication. However, misconfigurations or weak policies can lead to gaps in protection. To prevent this, use a DMARC generator tool or DMARC record creator to accurately build DMARC records and enforce strong policies. Regular monitoring and adjustments ensure continued email security.

Let’s Build Your Custom Outreach Engine

Set a tailored outbound motion with features built for enterprises.

Book for a Demo

What is a DMARC Record? Why is a DMARC Record Important?

A DMARC (Domain-based Message Authentication, Reporting & Conformance) record is a crucial component for securing your email domain. It prevents unauthorised use of your domain by ensuring that emails sent from your domain are authenticated using SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail). Our DMARC Record Generator makes it easy to create and configure your DMARC record, ensuring your domain's email security is robust and reliable.
‍
- DMARC helps prevent unauthorised use of your domain, such as phishing attacks or email spoofing. By enforcing authentication checks through SPF and DKIM, DMARC ensures that only legitimate emails from your domain are delivered.

- With a properly configured DMARC record, legitimate emails are more likely to be delivered to recipients’ inboxes rather than being marked as spam. It signals to email receivers that your domain is protected and that their email handling practices should be stricter for your domain.

- DMARC enables you to receive reports about how your domain is being used in email communications. These reports provide insights into authentication failures and can help you understand and improve your email security posture.

By preventing unauthorised use of your domain, DMARC helps maintain your brand’s reputation. It assures recipients that emails from your domain are legitimate and trustworthy. Furthermore, implementing DMARC can help your organisation comply with industry standards and regulations related to email security and data protection.

How to Generate a DMARC Record?

‍Generating a DMARC record involves creating a DNS TXT record for your domain that specifies how email from your domain should be handled when it fails authentication checks. Here’s a step-by-step guide on how to generate a DMARC record:
‍
1. Determine Your DMARC Policy
- none: Collects data without affecting email delivery. Good for initial setup and monitoring.
- quarantine: Marks failed emails as suspicious, which may send them to the spam or junk folder.
- reject: Completely blocks failed emails from being delivered.

2. Choose Optional Tags
- rua: Email address for receiving aggregate reports (e.g., mailto:reports@example.com).
- ruf: Email address for receiving forensic reports (e.g., mailto:failures@example.com).
- sp: Policy for subdomains, if different from the main domain.
- adkim: DKIM alignment mode (r for relaxed or s for strict).
- aspf: SPF alignment mode (r for relaxed or s for strict).
- fo: Forensic reporting options (0, 1, d, or s).
- rf: Reporting format (afrf for aggregate feedback or iodef for incident report).
- pct: Percentage of emails to apply the policy to (e.g., pct=70).
- ri: Reporting interval in seconds (default is 86400 for daily reports).
‍
3. Construct Your DMARC Record
Combine the tags and values into a single string format. For example: v=DMARC1; p=reject; rua=mailto:reports@example.com; ruf=mailto:failures@example.com; sp=quarantine; adkim=s; aspf=s; fo=1; rf=afrf; pct=100; ri=86400

4. Add the DMARC Record to Your DNS
- Log in to the DNS management console of your domain registrar or DNS hosting provider.
- Create a New TXT Record:
     Host/Name: Enter _dmarc as the host or name (for example, _dmarc.yourdomain.com).
     Value: Paste the DMARC record string you constructed.
     TTL: Set the TTL (Time To Live) value. Default is usually fine.
- Save the Record: Apply or save the changes.

5. Verify Your DMARC Record
After adding the record, use Smartlead DMARC checking tool to verify that your record is correctly configured and propagated.
‍
6. Monitor and Adjust
- Regularly check the aggregate and forensic reports to monitor how emails from your domain are handled.
- Based on the reports, adjust your DMARC policy if necessary to improve email security and deliverability.

DMARC Tag Explanations

Easily create a DMARC record for your domain or subdomain. Submit your domain, and we'll verify if a DMARC record exists. DMARC record generator is helpful if your DMARC checker results show that you’re missing the record or it contains any errors. Here are the tags and their descriptions:

v (required): The version tag. The only allowed value is "DMARC1". If it's incorrect or the tag is missing, the DMARC record will be ignored.
‍
‍p (required): The DMARC policy. Allowed values are "none", "quarantine", or "reject". The default is "none," which takes no action against non-authenticated emails. It only helps collect DMARC reports and gain insight into your current email flows and their authentication status. "quarantine" marks the failed emails as suspicious, while "reject" blocks them.
‍
‍rua: Aggregate report sending destination. It's the "mailto:" URI that ESPs use to send failure reports. The tag is optional, but you won’t receive reports if you skip it.
‍
‍ruf: Forensic (Failure) report sending destination. It's the "mailto:" URI that ESPs use to send failure reports. The tag is optional, but you won’t receive reports if you skip it.
‍
‍sp: The subdomain policy. The subdomain inherits the domain policy tag (p=) explained above unless specifically defined here. Like the domain policy, the allowed values are "none," "quarantine," or "reject." This option isn't widely used nowadays.
‍
‍adkim: The DKIM signature alignment. This tag follows the alignment between the DKIM domain and the parent Header From domain. Allowed values are "r" (relaxed) or "s" (strict). "r" is the default and allows a partial match, while the "s" tag requires the domains to be the same.
‍
‍aspf: The SPF alignment. This tag follows the alignment between the SPF domain (the sender) and the Header From domain. Allowed values are "r" (relaxed) or "s" (strict). "r" is the default, and allows a partial match, while the "s" tag requires the domains to be exactly the same.
‍
‍fo: Forensic reporting options. Allowed values are "0," "1," "d," and "s." "0" is the default value, which generates a forensic report when both SPF and DKIM fail to produce an aligned pass. If either of the protocol outcomes is something other than pass, use "1." "d" generates a report when DKIM is invalid, while "s" does the same for SPF. Define the ruf tag to receive forensic reports.
‍
‍rf: The reporting format for failure reports. Allowed values are "afrf" and "iodef".
‍
‍pct: The percentage tag. This tag works on domains with "quarantine" or "reject" policy only. It marks the percentage of failed emails a given policy should be applied to. The rest falls under a lower policy. For example, if "pct=70," on a domain with "quarantine" policy, it applies only 70% of the time. The remaining 30% goes under "p=none". Similarly, if "p=reject" and "pct=70," "reject" applies to the 70% of failed emails, and the 30% go into "quarantine."
‍
‍ri: Reporting interval. Marks the frequency of received XML reports in seconds. The default is 86400 (once a day). Regardless of the set interval, in most cases, ISPs send the reports at different intervals (usually once a day).
‍

How to Implement a DMARC Record in Your DNS?

‍
‍To implement a DMARC record in your DNS:
1. Log In: Access your DNS management console through your domain registrar or DNS provider.
2. Create TXT Record:
- Host/Name: Enter _dmarc (e.g., _dmarc.example.com).
‍- Value/Data: Input your DMARC policy string, such as v=DMARC1; p=quarantine; rua=mailto:reports@example.com; ruf=mailto:failures@example.com; adkim=r; aspf=r; pct=100; ri=86400.-
- TTL: Set the TTL value, typically 3600 seconds (1 hour) or 86400 seconds (24 hours).
3. Save: Apply the changes to add the DMARC record.
4. Verify: Use a DMARC checker tool to confirm the record is correctly configured and propagated.
5. Monitor: Regularly review the reports sent to the addresses specified to adjust and optimise your DMARC policy as needed.This setup helps protect your domain from email abuse and improves email deliverability.

Frequently Asked Questions

General Questions

Why Do I Need a DMARC Record?

How Do I Generate a DMARC Record Using This Tool?

What Are The Required Tags for a DMARC Record?

The essential tags for a DMARC record are:

v: Version tag, which must be "DMARC1".
p: DMARC policy, which can be "none," "quarantine," or "reject".

Can I Receive Reports on Email Activities with DMARC?

What Does the 'p' Tag Do?

How Do I Set The Percentage Of Emails Affected By DMARC Policies?

You can use the `pct` tag to specify the percentage of failed emails that the DMARC policy should apply to. For example, `pct=70` means the policy applies to 70% of failed emails.

How Often Will I Receive DMARC Reports?

The `ri` tag determines the reporting interval in seconds. The default is 86400 seconds (once a day). However, the actual frequency may vary depending on the ISPs.

What Happens If My DMARC Record Is Incorrect?

If your DMARC record has errors or is missing required tags, it will be ignored. Ensure that the `v` tag is set to "DMARC1" and that the `p` tag is properly configured.