SpoofSentrySpoofSentry
Start Free Trial

DMARC Record Generator

Generate a DMARC record for your domain with guided presets. Choose your enforcement level and customize the settings.

Where daily DMARC aggregate reports will be sent. Defaults to dmarc@yourdomain.

DMARC Rollout Guide

Step 1: Start with p=none

Begin by deploying a DMARC record with p=none. This tells receivers to send you reports without affecting email delivery. Monitor for 2-4 weeks.

Step 2: Move to p=quarantine with low pct

Once you have confirmed that legitimate senders pass SPF and DKIM, set p=quarantine; pct=25. This sends 25% of failing emails to spam. Gradually increase pct.

Step 3: Full enforcement with p=reject

After thorough testing, set p=reject to block all unauthorized emails. This provides maximum protection against spoofing.

Common Mistakes

  • Jumping straight to p=reject without monitoring
  • Forgetting to include all legitimate senders in SPF
  • Not setting up DKIM for third-party services
  • Using the wrong domain in rua/ruf addresses
Free DMARC Record Generator - Create Your Policy | SpoofSentry