How To Configure Zimbra DMARC?

DMARC or Domain-based Message Authentication, Reporting, and Conformance is an email authentication, policy, and reporting protocol that defines how your email servers should manage your SPF and DKIM. DMARC protects your domain from fraudulent emails by allowing you to publish a policy in your DNS records to determine which of DKIM or SPF (or both) should be used for sending emails from your domain.

How to Configure DMARC

To set up DMARC you need first to create the DMARC rule then add it to your DNS.

Tag NamePurposeExample
vProtocol versionv=DMARC1
pctPercentage of messages subjected to filteringpct=20
rufReporting URI for forensic reportsruf=mailto:authfail@example.com
ruaReporting URI of aggregate reportsrua=mailto:aggrep@example.com
pPolicy for organizational domainp=quarantine
spPolicy for subdomains of the ODsp=reject
adkimAlignment mode for DKIMadkim=s
aspfAlignment mode for SPFaspf=r
  1. Create your DMARC rule
    • You can use the tags above to set your DMARC rule
      For example v=DMARC1; p=quarantine; pct=100
      • v is the version,
      • p is the policy you want the receiving server to follow if DMARC fails, it can set the policy to none, quarantine, or reject,
      • pct indicates this rule should be used for 100% of email,
    • Or another example, v=DMARC1;p=none;sp=quarantine;pct=100;rua=mailto:dmarcreports@example.com
      • v is the version,
      • p  is the policy you want the receiving server to follow if DMARC fails, it can set the policy to none, quarantine, or reject,
      • sp the subdomain policy,
      • pct is the percent of “bad” emails on which to apply the policy,
      • rua is the URI to send aggregate reports to.
  2. Add your DMARC rule to the DNS
    • Access your DNS provider, for example, GoDaddy, Network Solutions, etc.
    • Access your DNS Management or something like name server management.
    • Add a new TXT entry.
    • Set the Record Type to TXT.
    • Insert _dmarc in the Hostname field.
    • Insert the created DMARC rule in the TXT Value field.
    • Assign the Time to Live (TTL), for example, let’s use 3600s.
    • Save the entry.

How to Verify Your DMARC

The next step would be testing your DMARC to see if it works. To do so, please see How to Verify Your DMARC Record.

Technical writer at Zextras, an open-source and technology enthusiast who creates instructional and technical articles about Zextras and Zimbra.

Comments

[…] ejemplo, ¿cómo configurar DMARC? Boom, ahí está, con todo lujo de detalles:La página principal de community.zextras.com es limpia […]

Post your comment