Summary
All sources, including email marketers, documentation, and experts, uniformly confirm that a DMARC record must be associated with the `_dmarc` subdomain. This association is a fundamental requirement of the DMARC standard, defined in RFC 7489. The DMARC record is implemented as a TXT record within the DNS settings, specifically under the `_dmarc.yourdomain.com` naming convention. Email receivers rely on this standardized location to discover and enforce DMARC policies. Failure to place the record in the `_dmarc` subdomain will render it ineffective, as email servers will not be able to locate and apply the DMARC policy.
Key findings
- Unanimous Agreement: All sources, regardless of type (marketer, documentation, expert), agree on the requirement for DMARC records to be located within the `_dmarc` subdomain.
- RFC 7489 Mandate: The association with the `_dmarc` subdomain is not arbitrary but is a core component of the DMARC standard as defined in RFC 7489.
- TXT Record Implementation: DMARC records are always implemented as TXT records within the DNS settings.
- Standardized Naming Convention: The naming convention for the DMARC record follows the pattern `_dmarc.yourdomain.com`.
Key considerations
- Critical Placement: Accurate placement of the DMARC record within the `_dmarc` subdomain is crucial for its proper function and effectiveness.
- Email Receiver Reliance: Email receivers are programmed to specifically look for DMARC policies within the `_dmarc` subdomain; incorrect placement will prevent them from finding the policy.
- Consequences of Failure: Failure to associate the DMARC record with the `_dmarc` subdomain will render DMARC ineffective, leaving the domain vulnerable to email spoofing and phishing attacks.
What email marketers say
11 marketer opinions
All sources confirm that a DMARC record must be associated with the `_dmarc` subdomain. This is a standard requirement defined in RFC 7489 and is the only location where email servers will look for a domain's DMARC policy. The DMARC record is added as a TXT record in the DNS settings under the `_dmarc` subdomain (e.g., `_dmarc.yourdomain.com`). This placement allows receiving mail servers to discover and enforce the sender's DMARC policy.
Key opinions
- RFC Standard: Association with the `_dmarc` subdomain is mandated by RFC 7489.
- Standardized Location: The `_dmarc` subdomain is the universally recognized location for DMARC records.
- TXT Record Requirement: DMARC records must be configured as TXT records in the DNS settings.
Key considerations
- Correct Placement: Ensuring the DMARC record is placed precisely under the `_dmarc` subdomain is critical for its validity and effectiveness.
- Discovery by Mail Servers: Receiving mail servers are programmed to specifically search for DMARC policies in the `_dmarc` subdomain.
- TXT Record Configuration: The DNS record type must be set to TXT for the DMARC record to be correctly interpreted.
Marketer view
Email marketer from Proofpoint explains that you must publish a DMARC record in the DNS as a TXT record with the host name _dmarc.yourdomain.com, to tell receiving mail servers how to handle unauthenticated emails from your domain.
31 May 2022 - Proofpoint
Marketer view
Email marketer from Mailjet emphasises that to implement DMARC correctly, a TXT record needs to be created in the _dmarc subdomain of your sending domain.
24 May 2022 - Mailjet
What the experts say
2 expert opinions
Both experts, John Levine from Spam Resource and Laura Atkins from Word to the Wise, definitively state that a DMARC record must be associated with the `_dmarc` subdomain. The DMARC record must be a TXT record with the name `_dmarc.yourdomain.example`. Failure to place the record in the correct subdomain will result in the record being ignored, rendering DMARC ineffective.
Key opinions
- Subdomain Requirement: DMARC records must reside within the `_dmarc` subdomain to be valid.
- TXT Record Type: The DMARC record must be a TXT record within the DNS settings.
- Record Name: The TXT record name should follow the pattern `_dmarc.yourdomain.example`.
Key considerations
- Correct Placement: Accurate placement of the DMARC record in the `_dmarc` subdomain is essential for proper function.
- Consequences of Incorrect Placement: If the DMARC record is not located in the `_dmarc` subdomain, it will be ignored, and DMARC will not function as intended.
Expert view
Expert from Spam Resource, John Levine, confirms that a DMARC record lives in DNS, specifically as a TXT record under the name _dmarc.yourdomain.example.
28 Jan 2022 - Spam Resource
Expert view
Expert from Word to the Wise, Laura Atkins, explains that the DMARC record must be added as a TXT record with the name _dmarc.yourdomain.com. Failing to do so would mean it is ignored.
1 May 2022 - Word to the Wise
What the documentation says
5 technical articles
The documentation from multiple sources (datatracker.ietf.org, Google, AuthSMTP, Microsoft, and Cloudflare) consistently specifies that a DMARC record must be associated with the `_dmarc` subdomain. This involves creating a DNS TXT record under the `_dmarc` subdomain of the domain (e.g., `_dmarc.example.com`). This is a fundamental requirement for DMARC to function correctly.
Key findings
- Subdomain Requirement: All sources agree that the DMARC record must be placed within the `_dmarc` subdomain.
- TXT Record: The DMARC record is implemented as a TXT record in the DNS settings.
- Consistency Across Platforms: The requirement to use the `_dmarc` subdomain is consistent across different platforms and providers.
Key considerations
- Accurate Configuration: Ensuring the DMARC record is correctly configured within the `_dmarc` subdomain is crucial for DMARC to be effective.
- DNS Settings: Properly accessing and modifying DNS settings is necessary to implement DMARC.
Technical article
Documentation from AuthSMTP states that the DMARC TXT record must be created under the "_dmarc" subdomain of your domain name.
29 Oct 2024 - AuthSMTP
Technical article
Documentation from Microsoft states that to set up DMARC you need to create a TXT record in DNS and that record needs to be placed under _dmarc.your_domain name.
21 Jul 2024 - Microsoft
Can DKIM be set up on a subdomain, and which domain should be used for signing?
Do I need to set up DMARC for subdomains?
Do subdomains need their own DMARC records if the main domain has one?
Does BIMI trickle down to subdomains and how to control subdomain BIMI display?
How do DMARC policies and RUA/RUF settings inherit or override each other between a domain and its subdomains?
How do DMARC records on subdomains override root domain DMARC policies?
How do I implement DMARC with BIMI on multiple subdomains?
How do I properly set up a DMARC record on Wix and when should I change the policy?
How do I properly set up DMARC records and reporting for email authentication?
How do I set up DMARC records for subdomains?
What are SPF, DKIM, and DMARC, and when are they needed?
