Use DMARC to harden SPF and DKIM

article #1255, updated 19 days ago

The following TXT record:

v=DMARC1;p=reject;pct=100;p=reject;adkim=s;aspf=s

at least theoretically, should harden SPF and, if present, DKIM. “=s” means “strict”. According to DMARC documentation, DMARC can be used without DKIM, and experiences with a first setup of the above without DKIM are playing out well so far.

Categories:   DNS   Spam/Antispam