How To Configure Zimbra DMARC? | Zimbra

Document
Alert! This article is written for Zimbra OSE users. As of December 2023, Synacor will no longer be providing support for Zimbra OSE. You might want to consider trying out Carbonio Community Edition – Zextras’s free and open-source email and collaboration platform.

For additional guidance, check out our community articles detailing the process of migrating from your current platform to Carbonio CE.

DMARC or Domain-based Message Authentication, Reporting, and Conformance is an email authentication, policy, and reporting protocol that defines how your email servers should manage your SPF and DKIM. DMARC protects your domain from fraudulent emails by allowing you to publish a policy in your DNS records to determine which of DKIM or SPF (or both) should be used for sending emails from your domain.

How to Configure DMARC

To set up DMARC you need first to create the DMARC rule then add it to your DNS.

Tag NamePurposeExample
vProtocol versionv=DMARC1
pctPercentage of messages subjected to filteringpct=20
rufReporting URI for forensic reportsruf=mailto:authfail@example.com
ruaReporting URI of aggregate reportsrua=mailto:aggrep@example.com
pPolicy for organizational domainp=quarantine
spPolicy for subdomains of the ODsp=reject
adkimAlignment mode for DKIMadkim=s
aspfAlignment mode for SPFaspf=r
  1. Create your DMARC rule
    • You can use the tags above to set your DMARC rule
      For example v=DMARC1; p=quarantine; pct=100
      • v is the version,
      • p is the policy you want the receiving server to follow if DMARC fails, it can set the policy to none, quarantine, or reject,
      • pct indicates this rule should be used for 100% of email,
    • Or another example, v=DMARC1;p=none;sp=quarantine;pct=100;rua=mailto:dmarcreports@example.com
      • v is the version,
      • p  is the policy you want the receiving server to follow if DMARC fails, it can set the policy to none, quarantine, or reject,
      • sp the subdomain policy,
      • pct is the percent of “bad” emails on which to apply the policy,
      • rua is the URI to send aggregate reports to.
  2. Add your DMARC rule to the DNS
    • Access your DNS provider, for example, GoDaddy, Network Solutions, etc.
    • Access your DNS Management or something like name server management.
    • Add a new TXT entry.
    • Set the Record Type to TXT.
    • Insert _dmarc in the Hostname field.
    • Insert the created DMARC rule in the TXT Value field.
    • Assign the Time to Live (TTL), for example, let’s use 3600s.
    • Save the entry.

How to Verify Your DMARC

The next step would be testing your DMARC to see if it works. To do so, please see How to Verify Your DMARC Record.

Download Zextras Suite for Zimbra OSE

Comments

[…] ejemplo, ¿cómo configurar DMARC? Boom, ahí está, con todo lujo de detalles:La página principal de community.zextras.com es limpia […]

Post your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

How To Configure Zimbra SPF to Check Incoming Emails? | Zimbra
How To Configure Zimbra rDNS? | Zimbra