Email authentication

How to start deploying DMARC in 5 easy steps

Deploying DMARC can be a difficult process. DMARC Analyzer provides a SaaS solution which empowers organisations to easily manage complex DMARC deployment. In this article you will learn how to deploy DMARC in 5 easy steps.

1. Identify all your companies domains

Investigating all your company owned domains is the first step of your DMARC deployment. Identify all domains that sent email on behalf of your company, both active and parked (inactive) domains. Do not forget the parked (inactive) domains you own. You might not sent email with your parked (inactive) domains however someone might abuse the domain.

2. Add all identified domains into your dashboard

Next step is to add all the domains you identified in the previous step into your account. When you log in on go to “DNS Records” → “Add domain(s)”. Here you can add your domains. Once again, also add your parked (inactive) domains.

3. Generate a DMARC record

Next step is to generate a DMARC record for your domains. The core of a DMARC implementation is your DMARC record. This is easy to setup and necessary in order to use DMARC Analyzer. When you log in on go to “DNS Records” → “DMARC Analyzer setup” to generate your DMARC record. Click here for more information about how to create a DMARC record.

4. Implement your generated DMARC record into your DNS

Next step is to implement the DMARC record, you generated in the previous step, into your DNS. DMARC records must be placed into your DNS. You can do this yourself or you can ask your DNS provider if they can place the relevant DMARC record.

5. Analyze your data

Congratulations, you will now receive detailed DMARC data in your account. Note that it can take up to 72 hours before you will see data in your account. With this data you will gain insight in your email channel(s) Use this data to better understand your mail streams. The reports help you ensure your outbound mail sources are authenticating properly. You can now see if there are ongoing attacks on your domain(s). Ensure that the various IPs sending email claiming to come from your domain are indeed legitimate, configure them properly with DKIM or add them to their SPF range.

Doing all above means you are in the ‘Governance’ fase. Click here for more information about all stages within a DMARC project.