DMARC Record Generator

About DMARC Generator

Our DMARC record generator helps you create DMARC records for your domain/subdomain according to your required conditions and parameters. Once you enter the domain name, you will be given different options and settings to adjust per your needs and preferences. You can specify the records protocols as well as the email addresses for the aggregate and forensic reports.

How to Create a DMARC Record Using Our DMARC Record Generator

If you’re using our DMARC record creator for the first time, the number of options and fields may seem a little overwhelming. We’re here to explain the full process of using our tool in this guide:

Step 1: Open the tool and enter your domain name into the provided space

First, you need to open the DMARC generator tool and click on the input space. Then, enter the domain or subdomain.

When entering the domain or subdomain into the provided space, you will see two options below:

• Remove WWW
• Default

You have to make a selection depending on the type of DMARC record that you’re creating. If you are creating a DMARC record for a normal, standard website, then the selection will remain on “Default.”

However, if you are creating a DMARC for a subdomain, then you will have to select the “Remove WWW” option.

Selecting the right option is crucial to deciding how the DMARC record is created.

Step 2: Click on the blue “Generate DMARC” button and scroll down to the provided options

After entering the domain in the provided space, click the blue “Generate DMARC” button. The screen will scroll down to show the different options and fields.

Step 3: Select the options and enter the details as per your requirements

Now comes the important step. Here, you will have to select all the correct options and enter all the details as per your requirements.

• Policy reporting mode: The policy reporting mode defines what sort of policy the DMARC records should have about the emails that don’t conform to the DKIM and SPF standards. You can choose three modes: None, Reject, and Quarantine.
• None: When the condition is set to “None,” all emails make their way to the inbox without any filtration. (However, the reports of the email’s origin are created and sent to the specified addresses.)
• Rejected: When the condition is set to “Rejected,” the emails are not entertained at all and are not seen by the user.
• Quarantined: When the condition is set to “Quarantine,” the emails are treated suspiciously. They are sent to the Spam folder or the non-primary folder.
• What percentage to apply to: In this field, you can specify the percentage of incoming emails to which the DMARC policies should apply. Setting a low percentage in this field can be helpful if you’re trying to ease the policy rather than setting it in stone outright.
• Email: In this field, you have to specify the email address to which the general (aggregate) DMARC reports have to be sent.
• Forensic Email: In this field, you have to enter the email address to receive detailed reports of the DMARC authentication for individual emails.
• Size: In this field, you have to specify the size of the emails that can be sent to the primary email.
• Unit: After entering a figure in the “Size” field, select a storage unit from the drop-down menu, such as MB, KB, etc.

(Note: You will also have to specify the size and storage unit for the emails sent to the forensic email address.)

These are the options that you will be able to see in the standard mode. However, you can click on the “Advanced” button to view even more in-depth options.

• Policy subdomains: This option lets you specify the DMARC policy for the subdomains under the main domain.
• Report format: This option lets you select the format of the DMARC report that will be sent to the provided email address.
• Failure report options: Here, you can decide when a report is generated if the DMARC check has You can choose to:
  • Generate reports if everything fails: This option will only generate and send the report to the email address if both DKIM and SPF checks fail.
  • Generate reports if anything fails: If you select this option, the report will be generated if any one of either DKIM or SPF fails.
  • Generate report if DKIM failed: When this option is selected, the report will only be generated if the DKIM check fails.
  • Generate report if SPF failed: If you select this option, the report will be generated if the SPF check fails.
• Reporting interval: Here, you can specify the time between each DMARC report. The time is set in seconds; by default, it is one day (86,400 seconds).
• DKIM identifier: This option allows you to select the DKIM policy. You can choose between “Strict” and “Relaxed.”
• SPF identifier: You can also specify the SPF policy by picking between “Strict” and “Relaxed.”

Step 4: Copy the DMARC details and enter them as a TXT record in your domain’s DNS zone

After creating the DMARC record as per your needs and requirements, you can copy and paste it into your domain’s DNS zone as a TXT file.

Once the records have been propagated, the DMARC policies will take effect. You can check whether the DMARC record is properly added by using our DMARC record validator.

What Makes Our DMARC Generator An Excellent Choice to Use

Here are some of the features our DMARC builder provides, which make up why it should be your go-to tool for DMARC record generation.

1. It is completely free to use, and it requires no registration or downloads

Anyone can use our DMARC generator tool at any time and place. No registration or sign-up is required.

All you need to do is open the tool, enter the domain name, and then specify the settings of the DMARC record as it is generated.

2. It provides a simple mode and an advanced mode

In the simple mode, you can make the major selections about the DMARC record, such as its policy, main email, forensic email, size limits, etc.

However, you can use the advanced settings to make even finer selections and customize the DMARC record for the subdomains.

Thanks to this option, our DMARC creation tool can simultaneously be simple and extensive. You can use it to the level you feel comfortable. It’s a great tool for both beginners and experts.

3. It shows you the current DMARC record of the domain

Besides creating the new DMARC record according to your specified settings, our tool shows you the current domain’s DMARC record. This can help you understand the settings currently in place. This tool essentially acts as a DMARC record lookup and a DMARC record generator.

FAQs

Can DMARC work without SPF or DKIM?

No, DMARC cannot work without SPF or DKIM. The DMARC records are used to specify the actions to be taken by the email servers if the SPF and DKIM checks are not fulfilled. DMARC needs either SPF records, DKIM records, or both to function properly.

How do I apply the DMARC policies to my domain?

The DMARC policies can be applied to your domain once you enter the DMARC record into the DNS zone. Access your domain's DNS zone via the control panel and make a TXT record entry. You can paste the DMARC string provided by our tool in the TXT record. Once the record has been entered, the DMARC policies will be applied.

What is the difference between aggregate and forensic emails in DMARC?

In DMARC, the aggregate report is a general report that provides details on the authentication status of a group of emails. On the other hand, the forensic report provides details on the authentication status of specific individual emails.

The email address for the aggregate reports and the forensic reports have to be entered separately when creating the DMARC record. You can either use the same email for both purposes or enter one for each.