Get your domain protected with DMARC monitoring in under 10 minutes. This guide walks you through creating your account, adding your DMARC record, and viewing your first reports.
🗺️ The Journey at a Glance
Create Account
Choose a selector & verify email
Add DNS Record
Add a DMARC record to your domain’s settings
Test Your Setup
Send a test email to verify
Monitor Reports
View results on your dashboard
1
Create Your Account
Head to the registration page to create your free DMARC Cloud account. You’ll need two things:
Your selector is a unique identifier that becomes part of your DMARC reporting email address. For example, choosing acmecorp gives you the reporting address acmecorp@dmarccloud.com.
We’ll send a verification link to confirm your account. After verification, you’ll set a password and can optionally enable two-factor authentication for extra security.
- Use 3–30 characters: lowercase letters, numbers, and hyphens
- Pick something memorable like your company name or domain
- One selector can monitor multiple domains — you don’t need one per domain
- You can always add more selectors later if you want to organize by region or business unit
After Registration
Once you click the verification link in your email, you’ll land on the setup page where you:
- Set a password — minimum 12 characters with uppercase, lowercase, and a number
- Enable two-factor authentication (recommended) — use an authenticator app like Google Authenticator or 1Password. You’ll receive backup codes in case you lose your device.
- Optionally add a passkey — for passwordless login using your fingerprint, face, or hardware security key
2
Add Your DMARC DNS Record
Now you need to tell email providers to send DMARC reports to your DMARC Cloud address. This is done by adding (or updating) a setting in your domain’s public directory (called a DNS TXT record).
Your DMARC Record
Replace your-selector with the selector you chose during registration:
v=DMARC1; p=none; rua=mailto:your-selector@dmarccloud.com
| Record Type | TXT |
| Host / Name | _dmarc |
| Value | The full record above |
| TTL | 1 hour (or your provider’s default) |
Not sure how to add DNS records? We’ve got step-by-step guides for popular providers:
The record above uses p=none, which means “monitor only” — it collects reports without affecting email delivery. This is the recommended starting point. Once you’ve reviewed your reports and confirmed all your legitimate email sources pass verification, you can gradually move to quarantine and reject.
If your domain already has a _dmarc record in its settings, don’t create a second one — that will cause problems. Instead, update your existing record to add the DMARC Cloud reporting address to the rua setting (the report delivery address). You can use our DMARC Record Generator to rebuild your record — it will detect your existing settings automatically.
3
Test Your Email Authentication
Don’t wait 24 hours for your first DMARC report — you can instantly verify your SPF, DKIM, and DMARC setup using the Email Authentication Testing tool.
How to Test
- Log in and go to the Email Tests page
- Copy your test address:
your-selector@test.dmarccloud.com - Send an email from the domain you want to test to that address
- Wait a few seconds and click Refresh
- View instant results for SPF, DKIM, DMARC, spam, and virus checks
Click any result row to see the full technical breakdown — including the email verification details, DKIM digital signatures, the sending server’s address, and detailed pass/fail results for each check. This is invaluable for troubleshooting.
Learn more about this feature: Email Authentication Testing →
4
Monitor Your Reports
Once your DMARC record is live, email providers like Google, Microsoft, Yahoo, and others will start sending daily aggregate reports to your DMARC Cloud address. These typically begin arriving within 24–48 hours.
Your dashboard shows you:
Domain Overview
All domains reporting to your selector, with pass/fail summary
Authentication Results
SPF, DKIM, and DMARC pass/fail counts per domain
Sending IP Breakdown
See exactly which servers are sending as your domain
Understanding Your Reports
DMARC reports are data files that can be overwhelming to read in their raw form. DMARC Cloud processes these automatically and presents the data in a clear, visual format. Here’s what to look for:
Email was sent by an authorised server and verification succeeded. This is what you want to see for all legitimate senders.
Authentication failed. This could be a spoofing attempt, or a legitimate sender that isn’t properly configured. Check the sending IP to determine which.
- Identify all legitimate sending sources (your mail server, marketing tools, CRM, etc.)
- Make sure each one passes SPF and/or DKIM
- Check that the verification aligns with your From domain
- Once everything passes, move from p=none to quarantine and eventually reject
🌐 Monitoring Multiple Domains
A single selector can receive reports from multiple domains. Just add the same rua=mailto:your-selector@dmarccloud.com reporting address to each domain’s DMARC record. All reports will appear on your dashboard, organised by domain.
If you prefer to separate reporting by team or region, you can create additional selectors from your account settings. Each selector has its own dashboard view.
🔒 Account Security
DMARC Cloud supports multiple layers of account security:
Minimum 12 characters with complexity requirements. Accounts are temporarily locked after 5 failed attempts.
Add a second factor via any authenticator app. Backup codes provided for emergency access.
Passwordless login using your fingerprint, face recognition, or a hardware security key.
Manage your security settings anytime from the Settings page after logging in.
📚 What’s Next?
Learn about DMARC
Understand how DMARC ties SPF and DKIM together
DMARC Record Explained
Understand every tag in your DMARC DNS record
Implementation Guide
Full walkthrough: audit, configure, monitor, enforce
Email Testing Guide
Instantly verify your SPF, DKIM, and DMARC setup
DMARC Record Generator
Build or update your DMARC record with our interactive tool
Common Mistakes
Avoid the pitfalls that trip up most people