Email deliverability
DMARC builds on SPF and DKIM, adds alignment rules, and enables aggregate and forensic reporting.
A DMARC DNS TXT record at _dmarc.example.com declares your policy (none, quarantine, reject) and where reports should be sent.
DMARC passes when either SPF or DKIM aligns with the header From domain and passes authentication—depending on strict or relaxed alignment settings.
Aggregate (rua) reports help you find unauthorized senders; forensic (ruf) reports are optional and may be restricted by large receivers.
DomainKeys Identified Mail: cryptographic signatures, selectors, and DNS TXT publishing.
High-level steps to publish Google’s SPF include and DKIM keys for your primary domain.
Enable DKIM for Microsoft 365 custom domains and publish CNAME records as instructed.
What Sender Policy Framework does, how SPF TXT records work, and common mistakes.
Cookie choices
We use a required session cookie for login and optional analytics cookies for marketing pages. Read cookie policy