⚡ Folderly Flash Test my email →

Set up DMARC from scratch

DMARC is the policy that tells receivers what to do when an email claiming to be from your domain isn't authenticated. It's required for bulk senders and is the single strongest anti-spoofing control you can deploy. Setup is a DNS record plus a careful rollout.

Why mailbox providers enforce this

Without DMARC, anyone can forge your From domain and your legitimate mail earns less trust. Gmail and Yahoo require a DMARC record from bulk senders, and they reward enforced policies. The record is easy; the discipline is rolling from monitoring to enforcement without blocking real mail.

How to fix it

  1. Make sure SPF and DKIM are already passing and aligned with your From domain — DMARC builds on them.
  2. Publish a TXT record at _dmarc.yourdomain: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.
  3. Collect aggregate (rua) reports for 2-4 weeks and confirm every legitimate sender passes SPF or DKIM alignment.
  4. Raise the policy to p=quarantine, monitor, then to p=reject for full protection.
  5. Use pct= to roll out enforcement gradually on high-volume domains, and keep monitoring reports afterward.
Don't guess — measure it. Send one email to Folderly Flash and see exactly which checks pass or fail for your message, in 30 seconds. No signup.
Run a free test →

FAQ

What's the minimum DMARC record?
v=DMARC1; p=none; rua=mailto:you@yourdomain — but p=none is monitor-only. The goal is to graduate to p=quarantine or p=reject once your senders are aligned.
Will DMARC break my email?
Only at enforcement, and only for senders that aren't aligned. That's why you monitor rua reports at p=none first and fix alignment before enforcing.

Related

Want a deliverability engineer to fix this for you? Hand it to Folderly →