In addition to DKIM, you are required to set up a DMARC (Domain-based Message Authentication, Reporting, and Conformance) policy. DMARC ensures that the email you send is verified as coming from you, protecting both your business and your recipients from phishing, spoofing, and spam.
DMARC works together with DKIM to evaluate the authenticity of your messages. Once both are set up correctly, you can reliably send authenticated emails through services like Mailchimp Transactional.
Step 1: Understand the DMARC Requirement
We only require that your domain has a DMARC policy in place.
At a minimum, this can be set with
p=none
in relaxed mode.This tells mail servers to deliver emails normally even if they fail authentication, but it still gives you visibility into authentication results.
Step 2: Add a DMARC Record in DNS
Log in to your DNS provider, domain registrar, or hosting provider.
Add a new TXT record with the following details:
Name/Host:
_dmarc.yourdomain.com
Replace
yourdomain.com
with your actual domain.⚠️ Some DNS providers automatically append the domain name, so make sure it doesn’t appear twice (e.g.,
_dmarc.yourdomain.com.yourdomain.com
).
Value:
v=DMARC1; p=none
This is the minimum requirement. You can expand your DMARC policy later to add stricter rules (such as quarantine
or reject
) and include reporting options.
Step 3: Verify Your DMARC Record
If the record is set up correctly, you’ll see your DMARC marked as Valid.
If it fails, double-check the TXT record formatting and confirm you didn’t duplicate your domain name.