This article describes how to configure TXT DMARC records in cPanel.
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication method designed to mitigate email abuses such as spam. It extends the capabilities of SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) authentication methods to provide a more reliable means of communication between email senders and recipients.
You have the option to use the DNS Zone Editor tool in the cPanel control panel to implement DMARC configurations in your DNS records. Additionally, cPanel can configure mailing lists to comply with DMARC standards.
Configuring a DMARC TXT record in DNS
To activate DMARC for your domain, insert a TXT record into your domain’s DNS records containing DMARC configuration data. Follow the steps below:
1. Log in to cPanel.
2. In the domain section, open the Zone Editor tool.
3. Select the domain you want to configure and click Manage.
4. Click the down arrow next to Add Record, then click Add TXT Record.
5. Enter _dmarc in the Name text field.
6. Enter 14400 in the TTL text field.
7. Choose TXT from the Type list.
8. In the Record text field, enter the DMARC configuration string.
DMARC is currently not a universally standardized protocol, meaning different providers may handle DMARC policies differently. It may be necessary to test different DMARC configurations to determine which is most effective for your domain. Here are some examples of DMARC configurations:
- Activate DMARC in “monitoring mode.” When this setting is active, the specified email address (in the “mailto” setting) will receive daily reports from providers containing the number of received messages and whether they passed policy checks:
v=DMARC1;p=none;rua=mailto:moc.e1732355324lpmax1732355324e@ret1732355324samts1732355324op1732355324
- Instruct the recipient to quarantine all messages (100%) that fail policy checks:
v=DMARC1;p=quarantine;pct=100;
- Advise the recipient to reject 50% of all messages that fail policy checks while quarantining the remaining 50%:
v=DMARC1;p=reject;pct=50;
9. Click Add Record, and cPanel will add the TXT record for DMARC.
Testing the new DMARC DNS record
After inserting the DMARC TXT record and waiting for DNS propagation time, it is essential to verify that the record is configured correctly. Please perform the appropriate steps depending on your computer’s operating system.
Microsoft Windows
For Microsoft Windows users, enter the following command in the command prompt:
nslookup
At the nslookup prompt >, enter the following commands. Replace example.com with your domain name:
set type=txt
_dmarc.example.com
You should see output similar to the following (exact text may vary depending on your individual settings):
_dmarc.example.com text =
"v=DMARC1;p=none;rua=mailto:moc.e1732355324lpmax1732355324e@ret1732355324samts1732355324op1732355324"
Linux and Mac OS X
For Linux or Mac OS X users, enter the following command in the command line. Replace “example.com” with your specific domain:
dig +short txt _dmarc.example.com
You should receive output similar to the following:
"v=DMARC1\; p=none\; rua=mailto:moc.e1732355324lpmax1732355324e@ret1732355324samts1732355324op1732355324"
Configuring mailing lists (Mailman) for DMARC
If you are responsible for managing a mailing list, you may encounter issues such as:
- Mailing list messages being marked as spam.
- Mailing list messages not reaching recipients at all.
To increase the chances of delivering mailing list messages to intended recipients, you can configure Mailman settings in cPanel to ensure your list complies with DMARC requirements for other providers.
Please follow these steps:
1. Log in to cPanel.
2. Open the Mailing Lists tool:
3. Find the mailing list you want to configure in the Current Lists section, then click Manage. The Mailman General Options page will appear (General Options).
4. Locate the Details for the from_is_list parameter in the General list personality section.
5. You may need to send a few test messages to determine the most suitable configuration for your mailing list:
- Start with the “Wrap Message” option, click “Submit Your Changes,” and send a few test messages.
- If recipients reject messages or they are classified as spam, try the “Munge From” option, then click “Submit Your Changes.”
More Information
To visit the official DMARC website, go to http://dmarc.org.