You set up DMARC together with your system administrator. You check the settings in your Spotler Mail+ account and the system administrator then adds the necessary DNS settings. This is a one-time operation.
What is DMARC?
DMARC, SPF and DKIM are email security standards. By setting this on your sending domain (contact@domain.com) you prevent unauthorized persons from sending emails from this domain. Don't be put off by the technical terms. As a Spotler Mail+ user, it is important that you know that it has been set up. You can leave the setting itself to a colleague or hosting party that manages your domain name. Learn more about its structure and operation in the article What is DMARC?
This is how you set up DMARC
- Check if DMARC is set up
- Request and set up DMARC authentication
- Check whether DMARC is set correctly
Can't figure it out? View the frequently asked questions.
Check if DMARC is set up
In your Spotler Mail+ account, go to Settings via the drop-down menu at the bottom left. Then go to the Security tab and you will then arrive at the Deliverability settings. Here you will find the reply addresses with associated reply domains. Check the status of your authentication in the DMARC column.
Do you have multiple reply domains, like the screenshot above? Then make sure you set up DMARC authentication for each reply domain.
Option 1: You have active DMARC authentication
If DMARC is set up correctly, you will see a green check mark next to the status of the reply domain. You don't have to take any action.
Option 2: You have DMARC authentication, but a problem has occurred
If you have already set up DMARC on your domain, but not yet enough to use Spotler Mail+, you will see the following:
You see that a problem has occurred. You can view the DMARC instructions via the right mouse menu, here you can see the problem. Share this information with your system administrator. This person adds the missing records in your DNS settings that you see on the instructions page. Under the Content heading you can see what you need to add to the settings:
Please note! If the DMARC policy has already been set up for your domain, you can only send emails with Spotler if Spotler is authorized to do so (and if this is set up correctly in Spotler). Arrange this before you send out the first mailing.
Option 3: You don't have DMARC authentication yet
If you have not yet set up DMARC on your domain, you will see the following:
Action is required, read the next steps below to set up DMARC.
Request and set up DMARC authentication
In order to publish DMARC, you must complete 2 steps:
1. Request DMARC authorization
First, you must request DMARC authentication in your Spotler account. Go to Settings and then to the tab Security. You will automatically be referred to the header Deliverability. Here, you will see an overview of your reply addresses, or you could add a reply address here. Below that, you will see an overview of reply domains. If your reply address is active, the domain of your reply address is automatically added here. This is where you can request DMARC authentication. Move your cursor across the domain or right-click to open the drop-down menu. Click on Request DMARC authentication.
A pop-up will appear:
Specify the format in which the DKIM key must be used. We recommend 2048-bit, because the higher the number of bits, the better the DKIM is protected. However, please contact your domain administrator to find out whether 2048 is supported. Next, click on OK.
The status of the reply domain has now been changed to DMARC authentication requested.
You will receive an email with further instructions.
2. Send instructions to your domain administrator
Requesting DMARC authentication requires implementing a number of settings on your own server. Therefore, make sure to forward the instruction email to your domain administrator, to have them set up the DMARC policy for your domain.
Additional instructions system administrator
- Set up DKIM & SPF first. These are the basics for DMARC. Don't forget to also add other sending servers from which you send emails. More information about DKIM and SPF can be found in the instruction email sent to the user who completed step 1 above.
- Then go to: https://dmarc.org/overview/ for next steps. Here you can see the background of DMARC, but also which elements (tags) DMARC can consist of, including an example.
- Normally it is not mandatory to use all tags that you see in the overview of: https://dmarc.org/overview/. This means you don't have to use the ruf and rua tags. However, we recommend that you do this to avoid problems. By filling these records you will receive feedback to the email address if your domain is suspected of being misused. This way you can take action immediately. So make sure that DMARC looks at least like this:
v=DMARC1; p=none; sp=none; rua=mailto:put your own email address here; ruf=mailto:put your own email address here
- Analyze the data and adjust mail flows if necessary.
- DMARC has a policy where you can choose what action should be taken with an email sent from your domain if no DMARC has been set up. Namely "none", "quarantine" or "decline". You can change this as you gain more experience.
Check whether DMARC is set correctly
Does the system administrator notify you that the actions have been carried out? Check on the same page in your Spotler Mail+ account (Settings > Security > Deliverability) whether the correct status is shown, namely: DMARC authentication active.
Frequently asked questions
Yes, if you want to send emails from Spotler Mail+, we require proper DMARC authentication. We do this to guarantee correct delivery. There are receiving parties, such as Gmail and Yahoo, that require DMARC authentication to allow your email to reach their inboxes.
Then there is a chance that a large part of your emails will not be delivered will be delivered to the recipient's inbox. Receiving parties, such as Gmail and Yahoo, can't verify that you're really the one allowed email from the shipping address. They can't rule out that you are a spammer. To protect the recipient from spam, deliver they don't finish the email. This may affect all emails sent from your sending domain will be sent, as you are less reliable happens.
You appear most reliable if you optimize your SPF, DKIM and DMARC settings for all systems from which you send email with your sending domain. Consider, for example, system emails from your webshop. If you have already set up a DMARC record for one of these systems, merge both records. A double DMARC record is not valid.
You need your system administrator to set up DMARC. This is the person who has access to the DNS settings on your domain. Your domain is also the part after the @ sign of your reply address. For example: spotler.nl is the domain of contact@spotler.nl. Often this is a colleague from IT. At some small organizations you have to contact the hosting party directly where you purchase your domain.
Please contact support, they can delete the current authentication so you can configure a new one.
No, this is not necessary. Please set-up DMARC for one Mail+ account and contact support.
Yes, you set SPF, DKIM and DMARC separately for each domain.