DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. It is an email authentication policy that helps mailbox providers decide what to do when a message claims to come from your domain but does not pass authentication checks.
DMARC works with SPF and DKIM. In Mailcamp, you set it up by adding the DMARC DNS record shown in your sending domain records.
DMARC helps protect your domain from spoofing and phishing. It gives mailbox providers instructions for messages that fail authentication.
It checks whether the visible From domain aligns with SPF or DKIM authentication.
It tells mailbox providers what policy to apply when authentication does not pass.
It can help you monitor who is sending email using your domain.
It helps recipients and mailbox providers trust that messages are really connected to your domain.
DMARC does not replace SPF or DKIM. It depends on them.
SPF, DKIM, and DMARC each handle a different part of email authentication.
SPF checks whether the sending server is allowed to send email for your domain.
DKIM adds a digital signature to the message so receiving servers can verify that it was authorized and not changed in transit.
DMARC checks whether SPF or DKIM passes in a way that aligns with the From domain.
For DMARC to pass, the message must pass SPF or DKIM, and the authenticated domain must align with the domain recipients see in the From address.
A DMARC record includes a policy. The policy tells mailbox providers how to handle messages that fail DMARC.
p=none: monitor DMARC results without asking mailbox providers to quarantine or reject failing messages.
p=quarantine: ask mailbox providers to treat failing messages with caution, often by placing them in spam or junk.
p=reject: ask mailbox providers to reject messages that fail DMARC.
If you are setting up DMARC for the first time, start with p=none. Move to stricter policies only after you confirm all legitimate sending sources for your domain are authenticated.
Mailcamp shows the DMARC record together with the other records for your sending domain.
Go to Sending domains.
Open the domain you want to authenticate.
Find the DMARC record in the DNS records table.
Copy the record type, host, and value exactly as shown.
Add the record at your DNS provider.
Return to Mailcamp and click Verify Now.
The DMARC host is usually _dmarc. Some DNS providers may automatically append your domain name, so check your provider's formatting rules before saving.
A basic DMARC record may look like this:
Type: TXT
Host: _dmarc
Value: v=DMARC1; p=none
Your Mailcamp account may show a more complete value that includes reporting addresses and alignment options. Use the value shown in Mailcamp for your domain.
DMARC is now part of modern sender requirements used by major mailbox providers. It helps them evaluate whether your email is legitimate.
It reduces the risk of someone spoofing your domain.
It supports better domain alignment for campaign sending.
It gives mailbox providers clearer instructions when authentication fails.
It helps protect your sender reputation over time.
DMARC helps with trust, but it does not guarantee inbox placement. Your list quality, complaint rate, engagement, and content still matter.
If Mailcamp cannot verify your DMARC record or your emails are failing DMARC checks, review these items:
Wrong host: confirm the record is added at _dmarc for the correct domain.
Duplicate records: use only one DMARC record per domain.
Incorrect value: copy the value exactly as shown in Mailcamp.
DNS propagation: wait for DNS changes to update, then verify again.
Alignment failure: make sure your From email uses the same domain you authenticated in Mailcamp.
If you send email from the same domain through multiple platforms, make sure each legitimate sending source is covered by SPF and DKIM before moving DMARC to a stricter policy.