Beginner's guide to using DMARC Digests

So you’ve landed on DMARC Digests and you’re looking for some guidance on how to get started? Well, you’re in the right place! We’ll walk you through a little about what DMARC is, why you need it, and how to get your account set up.

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a standard that prevents spammers from using your domain to send email without your permission — also known as spoofing. 

Spammers can forge the “From” address on messages so the spam appears to come from a user in your domain. A good example of this is PayPal spoofing, where a spammer sends a fraudulent email to you pretending to be PayPal in an effort to obtain your account information. 

DMARC ensures these fraudulent emails get blocked before you even see them in your inbox. In addition, DMARC gives you great visibility and reports into who is sending email on behalf of your domain, ensuring only legitimate email is received.

Do I need DMARC?

You might be thinking “I’m not a large sender, so I doubt I’m on anyone’s radar.” However, it’s always better to be safe and have DMARC in place. Besides, implementing DMARC is now a requirement from Google and Yahoo, depending on how much email you send. You can learn more about this here and for more details on how DMARC can protect your reputation and specifically how DMARC Digests can help, check out the video below from our best friends at Postmark:

DMARC Digests free trial

Before deciding if DMARC Digests is the best fit for your needs, you can take advantage of our 14-day trial. After that, we’ll automatically move you to a paid plan. If you need some guidance on figuring out which DMARC analyzer is right for you, have a look at our overview of the best DMARC tools out there.

DMARC Digests Tour

We know that getting familiar with a new tool can be a bit overwhelming, which is why we’ve created a tour that’ll briefly take you over some of our features and what you can expect to see.

DMARC Digest tour


We provide you with access to the last 60 days of data so that you can easily compare your reports over time and monitor any particular changes or patterns in mail being sent from your domain.

How to add and verify a domain

Now that you’ve signed up, let’s get your domain added. We’ll walk you through a couple of simple steps. 

Add a domain

There are no limits to the number of domains you can add. Each domain costs $14 per month to monitor and there also aren't any limits on the number of messages we'll process for your domain.

You might be wondering about subdomains at this point as well. We'll automatically collect DMARC records for emails sent from a subdomain of the root domain unless there’s a separate DMARC record set up on the subdomain. For example, if you add dohnuts.com to DMARC Digests, we'll also collect reports you send from any subdomains of dohnuts.com such as news.dohnuts.com, support.dohnuts.com, etc. This is all included in your subscription, but if you'd prefer to monitor reports for subdomains separately, we'd recommend adding them as a new domain. 

Once we've provided you with your DMARC record, you'll need to pop over to your DNS provider to add it there. 

Depending on where you are on your DMARC journey, you might see a different value that we produce for you. For example, if you don't currently have a DMARC policy, we recommend starting with a "none" policy. If you skipped the video above, let's go over in a bit more detail what a DMARC policy does and what are the different policy options:

A DMARC policy allows you to instruct receivers on how you'd like them to handle unauthenticated messages sent from your domain. It's a great way to make sure only authorized sources of your mail are circulating. However, it's important not to be tempted to jump straight to the strictest policy as this could end up impacting the deliverability of your legitimate messages. So what are the different policy options?

Monitoring (p=none) We strongly recommend starting with a none policy so that you can first gather data about all the sources you're sending from and make sure they're set up with DKIM and SPF. This policy does mean that you're asking for no action to be taken on messages that are unauthenticated. However, with the help of DMARC Digests reports, you can see who is sending on behalf of your domain. Only once you've been monitoring your data for some time and are certain that all of your sources are fully authenticated, you can move to a Quarantine policy. Read our guide on how to carefully change your DMARC policy with the help of the pct tag.

Quarantine (p=quarantine) A quarantine policy means that you're asking receivers to put any unauthenticated mail into the spam/junk folder. It's important not to skip this step, even if you're certain that you've identified all of your sources and they're fully authenticated. There are many use-cases where certain emails might only be sent from your domain once or twice a year. For example, a Terms of Service update or seasonal emails. A quarantine policy doesn't impact your email workflow as much as a reject policy would whilst also providing you with a certain level of protection. 

Reject (p=reject) A reject policy means that you're asking receivers to drop any messages that are unauthenticated, so they'll never be delivered. We believe that everyone's DMARC goal should be to eventually move to a "reject" policy, since it's the single way to ensure only fully authorized mail is ever delivered from your domain. As we've discussed though, getting here is a journey and even after you've reached this destination, DMARC monitoring should always remain an important part of your email security.

Check out our " Setting up your DMARC record" documentation for more guidance and answers to common questions. 




Lastly, it can take up to 24 hours for your DMARC record to be verified and from there, you're all se

Email Digests

You can choose to receive weekly or monthly digests which highlight issues and provide guidance on how to fix them.

Team

Don't forget to invite your team members to view reports so everyone can monitor your domains and keep an eye out for important changes. You can choose to provide users with Admin or View access.

Friendly Support

Whether you're completely new to DMARC or you're a seasoned professional, our support team are here to help! From explaining how DMARC works, what actions you should or shouldn't be taking, to digging into anything unusual you might be seeing in your reports, we've got you covered.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us