====== What to consider when using DMARC? ======


=====Status Quo===== 
DMARC requires usage of DKIM and SPF (which is mandatory for promio.connect domains).
Basics can be found here: https://en.wikipedia.org/wiki/DMARC

There is a common problem that prevents DMARC from widespread usage for a strict policy (policy=REJECT): Redirects can destroy the DMARC signature header. This happens with common groupware (Microsoft Exchange, Novell GroupWise,IBM Lotus Domino), with Sieve-rules and some free mail provider (some hotmail.xyz accounts and web.de). If you would use a strict REJECT policy, such addresses with active redirects could bounce your e-mail. The usage of a neutral policy (policy=NONE) has no disadvantages and may even give you some improvements in deliverability.

If you are a target of phishing attacks, we recommend a strict DMARC policy.


=====Setup for neutral policy=====

promio.net will receive generated DMARC reports and plans to establish a DMARC monitor as part of promio.connect.
If you send 100% of your e-mails with the domain //example.com//, you can set up DMARC by registering the following TXT record in your DNS for //_dmarc.example.com//:

<code>v=DMARC1; p=none; sp=none; rua=mailto:dmarc_reports@promio.net; ruf=mailto:dmarc_reports@promio.net; pct=100</code>

If you want to receive copies of the DMARC reports to your address //dmarc@client.com//, please change the record to:

<code>v=DMARC1; p=none; sp=none; rua=mailto:dmarc_reports@promio.net,dmarc@client.com; ruf=mailto:dmarc_reports@promio.net,dmarc@client.com; pct=100</code>


{{tag> DMARC deliverability spam_filter}}