Adding a DMARC record

• Overview
• Accessing DMARC Management
• Creating a DMARC Record
• Verifying the Record
• Generating and Adding a DKIM Record
• Additional Notes

This article explains how to add a DMARC (Domain-based Message Authentication, Reporting, and Conformance) record using Cloudflare's DNS management interface.
If you host your DNS on another service, reach out to them for details on how to configure your DMARC.

DMARC helps protect your domain from email spoofing and phishing by specifying how mail servers should handle unauthorized emails. Additionally, this guide covers how to generate and add a DKIM (DomainKeys Identified Mail) record for enhanced email authentication.

Note: Cart.com does not host DNS or provide DNS management but provides this article for reference, for the convenience of our customers.

Accessing DMARC Management

1. Log in to your Cloudflare account.
2. From the dashboard, select your domain.
3. In the left-hand menu, click on Email.
4. Under the Email settings, select DMARC Management.

Creating a DMARC Record

1. Click on View Records in the top right corner.
2. Click the blue Create Record button.
3. Enter a reporting email address.
   • Tip: It is recommended to use an email address on your own domain to verify authorization for receiving reports.
4. For the Policy field, select Quarantine.
   • Note: Choosing "None" may make the DMARC policy ineffective. If you are unsure of the Policy to use, check with your IT.
5. Click Submit to finalize the record.
6. Confirm the record creation when prompted.

Verifying the Record

1. Navigate to DNS from the left-hand menu.
2. Check if the newly created DMARC record appears in the list.
3. If your record shows, you can test it at https://mxtoolbox.com/dmarc.aspx

Generating and Adding a DKIM Record

DKIM (DomainKeys Identified Mail) is another email authentication method that adds a digital signature to outgoing emails, allowing recipients to verify their authenticity. If your email provider supports DKIM.
If you are using CloudFlare for your DNS, you can visit this page: https://www.cloudflare.com/learning/dns/dns-records/dns-dkim-record/ for details on how to add the record.

If you don't use CloudFlare, you can generate a DKIM record using an online tool like EasyDMARC's DKIM Record Generator and add it to your DNS.

Steps to generate a DKIM record:

1. Go to EasyDMARC DKIM Record Generator.
2. Enter your domain name in the required field.
3. Select the appropriate Key Length (e.g., 2048-bit for better security).
4. Click Generate to create the DKIM record.
5. Copy the generated Selector and DKIM TXT Record Value.

Steps to add the DKIM record in Cloudflare:

1. Log in to your Cloudflare account.
2. Go to DNS from the left-hand menu.
3. Click Add Record.
4. Set the record type to TXT.
5. For the Name field, enter the DKIM selector followed by ._domainkey (e.g., selector1._domainkey).
6. Paste the copied DKIM TXT record value into the Content field.
7. Set TTL (Time to Live) to Auto or a suitable duration.
8. Click Save to apply the changes.

Verifying DKIM:

• Many email providers offer DKIM verification tools. You can also use EasyDMARC's DKIM Checker to confirm that your DKIM record is correctly configured.
• It may take some time for DNS propagation before the DKIM record becomes active.

Additional Notes

• DKIM and DMARC work together to improve email security. If your email provider supports DKIM, it is highly recommended to configure both records.