If you’re one of the many people utilizing email marketing in 2024, you need to be aware of the big mailbox delivery changes coming from Google and Yahoo. Whether you’re using Kartra or another email marketing platform, sending email through a CRM or autoresponder, everyone with a custom domain email needs to do this.
Before we begin, there are 3 pieces required of you to stay compliant with email marketing in 2024. They are:
DMARC is an important protocol for protecting your domain from email spoofing and phishing. In this post, I will walk you through the process step-by-step to set up a DMARC record for your domain.
What is DMARC?
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. It helps validate that emails actually come from the domains they claim to come from. By setting a DMARC policy, you can instruct email providers on what to do with emails that fail DMARC validation – such as rejecting or quarantining them.
There are 3 values for DMARC:
- None (also known as monitoring mode): Has no impact on delivery of emails that fail validation. Reporting will still occur but messages are not rejected or quarantined. This allows monitoring of DMARC failures without enforcement.
- Rejecting: The receiving email provider will outright reject (not deliver) any messages that fail DMARC validation. This is the strictest policy and helps prevent spoofing but risks blocking some legitimate mail.
- Quarantining: Instead of rejecting messages, they will be placed in a special “quarantine” folder for further review by the recipient. This allows legitimate mail to still be delivered while flagging potentially spoofed messages for closer inspection. It helps identify spoofing attempts without outright blocking mail.
DMARC records are important for compliance, but also to protect your domain and email reputation
Having a DMARC record helps protect your domain from spoofing, where someone sends emails appearing to come from your domain without authorization. It’s an important layer of security for your users and business.
To read more about DMARC and setting up reject or quarantine, I recommend this blog post from Valimail: How to Configure DMARC Policy to Reject or Quarantine
Generating a DMARC Policy
The first step is to generate a DMARC policy– which you’ll need to do!
During a webinar from Kartra, the expert provided his recommendation on free tools to use for DMARC policies and monitoring. That recommendation is for Valimail, which is what I’ll be using for the rest of this blog post.
Not all platforms are going to require you to generate DMARC via third-party. For example, if you are using Keap, they are able to generate this for you. Review the help documentation for your specific platform if you aren’t sure. Or, you can continue with the process outlined below and still use Valimail for DMARC, and to be able to monitor your email delivery success/fail yourself.
(If you have another service that you’d like to suggest or have a review on, please drop that in the comments and I’ll take a look!)
Services like Valimail offer free DMARC policy generation and monitoring. They also provide a lot more insights and resources on paid accounts for those who are email marketing at a very high level. For this purposes of this blog post, we are working with the free account only.
Your DMARC policy will be a snippet of code that you will add to your DNS as a TXT record. This includes the domain name and its directive (“p=none”, “p=reject”, or “p=quarantine” as per the 3 values available) to instruct what mailbox providers such as Google or Yahoo should do with emails that fail authentication.
For example, the record may look like:
_dmarc.example.com. TXT "v=DMARC1; p=reject; sp=quarantine; pct=100; rua=mailto:[email protected]"
Adding the Record to DNS
Next, you’ll need to add the DMARC record to your domain’s DNS. You’ll need to login to wherever your domain is managed, navigate to the DNS, and manage or edit the DNS.
Since DMARC uses a TXT record, add a new one with the name and value from the DMARC policy generator. ValiMail will also suggest that you set the TTL (Time to Live) to 300 seconds, but GoDaddy only goes down to 600 seconds. You can leave this part out.
Then save the new record. It may take some time to propagate across the internet – typically minutes or hours, but occasionally up to 48 hours. You will need to review this in ValiMail after some time to ensure that it is configured.
Who is my domain provider or where do I find the DNS?
Wherever you purchased your domain from is who your domain provider is. Popular examples include:
- Google Domains (now Squarespace)
- Host Gator
Monitoring DMARC Configuration
To check the status, go back to Valimail. Navigate to the “Domains” section via the left sidebar menu, and you’ll see a list of monitored domains.
Initially it may say “Configuration Status: Not Configured” as it is waiting for evidence of the new record. Check back periodically, and it should update to “Configuration Status: Configured” once detected. This can take up to 48 hours. If you aren’t seeing any changes within that time, you can delete the record and try again or reach out for support.
Use Valimail to monitor email validation and confirm your email reputation
You can monitor DMARC reports with your free Valimail account to see how much mail is passing or failing validation over time as you work to align sending practices with your DMARC policy and the new email regulations for 2024.