Email Delivery & Mail Server
Set Up DMARC to Improve Your Email Deliverability
This article explains how to set up DMARC to improve email deliverability.
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is crucial for enhancing email deliverability and protecting your emails from spam filters. It ensures the authentication and security of your emails through cooperation with SPF and DKIM.
Please take a moment to read through this article, as DMARC plays a key role in making sure your emails reach your recipients' inboxes, and understanding how to set it up correctly will help ensure your emails are delivered smoothly and securely.
Infos about DMARC
Benefits of Using DMARC
Using DMARC, SPF, and DKIM helps ensure your emails are less likely to end up in the spam folder. It's important to either set the DNS settings for your domain yourself or have your domain host configure them for you. DMARC provides email providers (ISPs) like Gmail, GMX, and others with instructions on how to handle emails from your domain.
DMARC works in conjunction with SPF and DKIM, two methods that authenticate your emails and increase security. Together, they ensure emails genuinely originate from the specified source — the domain owner. This verifies you as the legitimate sender.
By doing so, you help ensure that your emails are not flagged as unwanted or spam. Email providers, such as Gmail or GMX, trust your emails more when DMARC is implemented, resulting in more reliable delivery.
Why DMARC Is Now Essential for Email Delivery
Some providers, such as GMAIL and Yahoo, have tightened their DMARC guidelines with the effective date of 01.02.2024. All email senders must have a DMARC record set up on their domain from this date What does this mean for you? Without DMARC, it is very likely that your emails will be delivered less frequently.
Did you Know?
This applies not only to KlickTipp but to all systems you use to send emails. The DNS settings for DKIM and SPF should also be configured for your own mail server. This includes billing systems, webinar tools, and scheduling tools. DMARC for better email delivery only needs to be set once for your domain.
Requirements for Using DMARC
DMARC relies on SPF and DKIM. If your sending domain is successfully DKIM-verified, your domain will automatically have an SPF entry, even if you're using your own outbound mail server (in the Enterprise plan) with us. If you haven't set up DKIM for your domain yet, we recommend doing so. You can find instructions on how to set it up here:
A DMARC entry applies to your entire domain. Your domain must have SPF and DKIM settings not only for KlickTipp but also for all other systems, including your own mail server, billing systems, webinar tools, and scheduling tools. Without the correct DKIM and SPF settings in these systems, bounces or errors may occur.
Important
Your domain host does not support DKIM and/or DMARC entries? Then we recommend that you think about changing your hoster in the long term.
Because DMARC is important for better email delivery, you can request a move to another host. The prerequisite should be that this host supports the settings. The domain hoster will be happy to answer any questions you may have in this regard.
Set Up DMARC Entry with Your Host
For beginners, we recommend starting with the simplest DMARC requirement, which ensures that your emails land in your contacts' inboxes.
Additional DMARC settings are possible but not mandatory.
To use DMARC, you need to create a new DNS entry with your domain host.
This could be services like ALL-INKL, IONOS, or Strato.
The required entry is a TXT/DNS record:
_dmarc.deinedomain.de. 3600 IN TXT "v=DMARC1; p=none;"
Kopieren
Name/Host/Präfix: _dmarc
Wert/Data: v=DMARC1; p=none;
Typ: TXT
Kopieren
Advanced DMARC Settings for IT Professionals
If you’re an IT professional, you can opt for more specific DMARC settings to enforce a higher standard for email handling. This can be especially useful if emails fail the DMARC check.
While we’ll walk you through the simplest settings here, there are many other options available. For a proper DMARC setup, you must define a policy that dictates how to handle emails that fail the DMARC check. The three main policies are:
| Policy | Use |
|---|---|
| p=none | This policy has no influence on e-mail delivery and is mainly for testing purposes. |
| p=quarantine | Emails that do not pass DMARC are held back for further checking, usually in the spam folder. |
| p=reject | Emails that do not pass are completely rejected and not delivered, resulting in an error message (bounce). |
In this case, the following entry must be set (depending on the policy):
_dmarc.deinedomain.de. 3600 IN TXT "v=DMARC1; p=none;"
Kopieren
_dmarc.deinedomain.de. 3600 IN TXT "v=DMARC1; p=quarantine;"
Kopieren
_dmarc.deinedomain.de. 3600 IN TXT "v=DMARC1; p=reject;"
Kopieren
Of course, you should regularly test your DMARC settings to ensure they are working correctly. You can receive reports to help with this verification.
There are optional parameters that you can add at the end of your DMARC TXT entry:
| Parameters | Use |
|---|---|
| rua=mailto:deineEmail@ yourdomain.com | Aggregated reports: Delivery summaries are sent by the mailbox provider to the specified e-mail address for analysis. |
| ruf=mailto:deineEmail@ yourdomain.com | Forensic reports: Each failed delivery triggers a separate, detailed e-mail that is sent to the specified e-mail address. |
We recommend starting with the lowest policy and gradually increasing it as needed. Begin with "p=none," then move to "p=quarantine," and finally, "p=reject." A test period of at least one week is advisable. Reports can be sent even with the lowest policy "p=none," and they are typically sent every 24 hours. A complete entry, including aggregated reports, would look like this:
_dmarc.deinedomain.de. 3600 IN TXT "v=DMARC1; p=none; rua=mailto:deineEmail@deinedomain.de"
Kopieren
Good to Know
The receiving email address for the reports must always belong to the relevant domain. If you wish to use an email address from a different domain, the configuration needs to be adjusted accordingly.
Setting up DMARC requires careful planning and ongoing monitoring to ensure that legitimate emails are not unintentionally blocked.
Configuring DMARC is essential for securing your email communication. It also improves deliverability. With the recommended settings, your emails will be trusted by providers. This ensures they reliably reach your recipients’ inboxes. Start with a basic setup. Monitor the results and adjust as needed for the best performance!