Setting up a DMARC record with Mailpro is the third pillar of email authentication, after SPF and DKIM. Done right, it stops domain spoofing, satisfies the 2024 sender requirements from Gmail and Yahoo, and gives you visibility into who is using your domain. Done in haste, it can block your own legitimate emails — that’s why we recommend a phased rollout.

Before you start: Make sure SPF and DKIM are already configured for every server that sends email from your domain. DMARC enforces those checks; if either is missing, even your real emails will fail.

Step 1 — Choose your starting policy

Always begin with p=none. This is the “monitor only” policy: no email is blocked, but you receive daily aggregate reports showing what passes or fails. Spend 2–4 weeks here, fix every authentication gap, then move forward.

Step 2 — Generate the TXT record in Mailpro

From your dashboard open Account → Authentication → DMARC and click Generate. Mailpro builds the record using best practices and shows you the exact value to publish in DNS:

v=DMARC1; p=none; rua=mailto:[email protected]; ruf=mailto:[email protected]; fo=1; pct=100; aspf=r; adkim=r

Step 3 — Publish in your DNS

FieldValue
TypeTXT
Host / Name_dmarc
Valuev=DMARC1; p=none; rua=mailto:dmarc@…
TTL3600 (1 hour)

Save the record and wait 5–30 minutes for DNS to propagate.

Step 4 — Read the aggregate reports

Receivers send daily XML reports to your rua address. They list every IP that sent on your behalf, and whether SPF/DKIM aligned. Use a free DMARC analyzer (Postmark, dmarcian, Mailpro’s built-in viewer) to spot rogue senders or misconfigured tools. See monitoring DMARC.

Do not skip this: At least 90% of legitimate senders should pass for two consecutive weeks before you tighten the policy. Otherwise you will block real customer-facing email.

Step 5 — Tighten gradually

Once monitoring is clean, change p=none to p=quarantine; pct=25. After two stable weeks, raise to pct=50, then pct=100, and finally p=reject. This phased approach is what large enterprises use to avoid breaking business email.

Common errors and fixes

If your DMARC says “policy not enabled”, see our DMARC policy not enabled guide. Make sure SPF and DKIM are valid first.

Activate DMARC the safe way

Mailpro generates the right record for your situation, hosts the report mailbox and tracks alignment for you. Open the DMARC configuration page or watch the DMARC tutorial.

Previous question

   

Next question

You might also be interested in:

Are Email Addresses Case Sensitive?

Short answer: in everyday email use, addresses are treated as case-insensitive. Sending to [email protected] or [email protected] reaches the same inbox...

Read more

What Are the Differences Between Texting and Email?

Texting and email both deliver written messages, but they target very different moments. SMS goes straight to the phone in...

Read more

How to Fix Error 5.7.1 (Relay Access Denied)

Code 5.7.1 « Relay access denied » means the SMTP server you connected to refuses to forward your message to...

Read more

MSISDN: Definition and Format (CC+NDC+SN)

MSISDN stands for Mobile Station International Subscriber Directory Number. It is the worldwide format your SMS gateway uses to identify...

Read more

What Is SMTP Error 554 and How to Fix It?

SMTP error 554 is a permanent rejection: the recipient server refused to accept your email. The good news? Once you...

Read more

Unleash the Power of Professional Email Marketing

Secure, scalable, and built for impact. Join Mailpro™ today and enjoy 500 free credits to send your first campaign.
Start Sending for Free