Cyber Kaizen Managed Cybersecurity and IT Services
Schedule Your Free Consultation with an Expert

DMARC Record Generator

OurDMARC Record Generator quickly creates a DMARC record for your domain, telling mail servers how to handle emails that fail SPF or DKIM checks. This helps protect your brand and recipients from spoofed or fraudulent messages. Simply fill out a few fields, copy the generated record, and add it to your DNS—no deep technical knowledge required.

Welcome to the DMARC Record Generator — a simple tool designed to help you protect your domain from email spoofing and phishing attacks.

Choose from two modes based on your needs:

Easy Mode: Quickly set a DMARC policy (none, quarantine, or reject) and define how much of your email traffic is enforced—perfect for fast setup or basic protection.

Advanced Mode: Unlock full control with subdomain policies, strict SPF & DKIM alignment, and failure reporting addresses—ideal for advanced users who want to fully enforce DMARC and monitor email activity.

Generate your custom DMARC record and secure your domain in just a few steps!

You do not have permission to update DMARC settings.

Easy Mode Instructions

This setup is recommended for most users who just need basic DMARC enforcement and minimal fuss.

  1. Open the DMARC Generator

    • In WordPress, go to Settings > DMARC Generator.
    • Select Easy Mode when prompted or from the toggle dropdown.

  2. Enter Your Domain

    • You’ll see a field labeled “Domain.”
    • Type your main domain (e.g., example.com) – without any subdomains or “_dmarc.” prefix.

  3. Policy (p)

    • Choose how you want unauthorized emails to be handled:
      • none: Monitor only; no blocking.
      • quarantine: Mark suspicious emails (often sent to spam).
      • reject: Block unverified emails entirely (strongest protection).

  4. Percentage (pct)

    • Enter a number (1–100). This is the percent of email traffic you want to apply your DMARC policy to.
    • 100%: All emails must pass DMARC or face the chosen policy.

  5. Save / Generate DMARC

    • Click Generate DMARC Record (the button at the bottom).
    • A “Generated DMARC Record” will appear. It might look like:
      ini v=DMARC1; p=quarantine; pct=100
       

  6. Copy the DMARC Record

    • Use the clipboard icon next to the record (or a “Copy” button/icon).
    • This copies the text to your clipboard.

  7. Add the DMARC Record to DNS

    • Sign in to your domain’s DNS manager (wherever you manage DNS – GoDaddy, Namecheap, Cloudflare, etc.).
    • Create a TXT Record:
      • Name/Host: _dmarc (some DNS hosts require _dmarc.yourdomain.com.).
      • Value/Content: Paste the DMARC record you copied.
      • TTL: 1 hour or “default” is typically fine.

  8. Apply DKIM (Basic)

    • Your email provider (e.g., Google Workspace, Microsoft 365, or your hosting email) will generate a DKIM public key for you.
    • Add that DKIM public key in a separate TXT record (often named something like default._domainkey.yourdomain.com.).
    • The DMARC “adkim” value (if using advanced alignment) ensures it matches your domain name. For Easy Mode, you’re not setting adkim specifically, so it defaults to a “relaxed” alignment.

Advanced Mode Instructions

If you need more granular control (subdomain policies, strict alignment, failure report addresses), you can toggle to Advanced Mode.

  1. Enter Domain & Base DMARC Info

    • Same as in Easy Mode: type your domain and choose Policy (p), Percentage (pct).

  2. Subdomain Policy (sp)

    • Check the box labeled “Subdomain Policy.”
    • Then choose none, quarantine, or reject for subdomain handling.
    • For example, if you want your subdomains to have the same policy as your main domain, choose reject (for strong security).

  3. SPF Identifier Alignment (aspf)

    • Check the “SPF Identifier Alignment” box if you want to enforce alignment.
    • Relaxed (r): The “From” domain can match the SPF domain or any subdomain.
    • Strict (s): They must match exactly.

  4. DKIM Identifier Alignment (adkim)

    • Check the “DKIM Identifier Alignment” box to enforce alignment.
    • Relaxed (r): The “From” domain can match the DKIM domain or any subdomain.
    • Strict (s): Must match exactly.

  5. Failure Reporting Options (rua & ruf)

    • If you check “Failure Reporting Options,” you can enter:
      • rua: Aggregate report address (e.g., mailto:report@example.com).
      • ruf: Forensic/failure address (e.g., mailto:forensic@example.com).
    • You’ll receive reports about DMARC compliance and unauthorized attempts.

  6. Generate DMARC Record

    • Click the button to save settings and see your new DMARC record.
    • The record might include additional tags like sp=, aspf=, adkim=, etc., depending on your checkboxes.

  7. Copy & Add the DMARC Record to DNS

    • Copy the record (icon/button).
    • In your DNS manager, create or update the TXT record at _dmarc.yourdomain.com..
    • Paste the advanced record.
    • Save and allow time for DNS changes to propagate.

  8. Apply DKIM (Advanced)

    • Just like in Easy Mode, you still need a DKIM public key from your mail service.
    • In Advanced Mode, if you checked DKIM Identifier Alignment (adkim), ensure your DKIM domain matches the domain in “From.” This typically means using a DKIM selector that references the same domain (no mismatch).
    • Add your DKIM key as another TXT record in DNS (e.g., selector1._domainkey.yourdomain.com. with the value provided by your mail provider).

Trust Cyber Kaizen to Secure Your Business and Drive Success...

We understand the challenges of unreliable IT systems, slow support, and unresolved issues that stall productivity, lower employee morale, and expose your business to unnecessary risks.

With over 20 years of experience, our certified team supports businesses across the UK and beyond, securing over a thousand devices and users while delivering unmatched reliability and advanced cybersecurity solutions.

We believe a robust cybersecurity program and seamless IT management bringlasting value by protecting your business, driving productivity, and securing its future success.

We’re passionate about helping businesses like yours thrive. Let’s work together to create tailored IT and cybersecurity solutions that meet your unique needs.

Cyber Kaizen Limited's DMARC Record Generator aiding businesses in enhancing email security and IT support.

Comprehensive IT and Cybersecurity Services by Cyber KaizenCore Services

Managed IT Support

Optional 1 sentence description of the service, or simply delete if it's self-explanatory.

Managed Cyber Security

Optional 1 sentence description of the service, or simply delete if it's self-explanatory.

Cloud Services

Optional 1 sentence description of the service, or simply delete if it's self-explanatory.

Your Strategy to Success

Step 1: Schedule your FREE Consultation with an Expert

We’ll schedule a Teams meeting to discuss your business, goals, challenges, and answer any questions.

Step 2: We Create Your Business Plan

We’ll create a tailored Business IT Strategy, outlining exactly how we’ll get your business back on track while reducing costs.

Step 3: Worry-Free IT for Secure, Growing Businesses

Streamlined IT and robust security help your business thrive with confidence and peace of mind.

Schedule Your FREE Consultation with an Expert

Ready to Get Started?

Schedule Your FREE Cosultation with an Expert

Boost Your Business with Cyber Kaizen's IT and Cybersecurity Services

IT & Cybersecurity Consultants

We provide comprehensive IT and cybersecurity services tailored to your business needs. From Managed IT support services to advanced cybersecurity solutions like threat monitoring, data protection, and compliance, we ensure your systems are secure, efficient, and always running smoothly.

FacebookYoutubeLinkedinTiktok

Address

Cyber Kaizen Limited

Eastfield Court

St Albans

Hertfordshire

AL4 9JL

United Kingdom

Phone

0800 208 8456

More Links