Tired of reading emails?
Let AI extract your action items
Unboxd reads every email and gives you a daily briefing with only what matters.
Create a DMARC policy to protect your domain from spoofing, or paste an existing record to see what it does.
Configure your DMARC settings or paste an existing record to get started.
DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol that protects your domain from spoofing and phishing. It builds on SPF and DKIM to tell receiving mail servers what to do when an email fails authentication checks. Without DMARC, anyone can send emails pretending to be from your domain.
The none policy is monitoring mode — failing emails are still delivered but you receive reports about them. Quarantine sends failing emails to the recipient's spam or junk folder. Reject blocks failing emails entirely, providing the strongest protection. Most organizations start with "none" to gather data, then gradually move to "reject" once they've confirmed all legitimate email sources pass authentication.
Add a TXT record to your DNS with the host/name set to _dmarc (or _dmarc.yourdomain.com) and the value set to your DMARC record string. The exact steps depend on your DNS provider (GoDaddy, Cloudflare, Route 53, Namecheap, etc.), but it's always a TXT record under the _dmarc subdomain. Changes typically propagate within 1–48 hours.
Aggregate reports (rua) are XML files sent by receiving mail servers that show how your domain's emails are being authenticated. They include data on which IPs are sending email on your behalf, pass/fail rates for SPF and DKIM, and what actions were taken. These reports are essential for understanding your email ecosystem before tightening your DMARC policy.
Unboxd reads every email and gives you a daily briefing with only what matters.