So you are receiving daily emails from noreply-dmarc-support@google.com, and you are not sure why that is and what these emails even mean?
Usually, these emails also contain a .zip file attachment. Is it spam?
Let’s resolve this email mystery right here and right now:
You are probably the owner of a domain name. And someone (you?) has recently set up a DMARC record.
What’s a DMARC record, you ask?
It has to do with email security. DMARC is a protocol that prevents people from sending emails with your domain name in it.
How do I stop these emails?
To stop them, you need to edit the Domain Name Settings (DNS) of your domain name. You find the domain in question in the email's subject line and in the attachment file’s name.
Let’s say you host your domains at Namecheap. This process is very similar for other domain registrars.
Follow these steps:
- Enter your domain name settings
- Go to DNS or Advanced DNS
- Find a screen like this one:
And there we have the culprit. This TXT Record states your email address.
For example:
v=DMARC1; p=quarantine; rua=mailto:your@emailaddress.com;
To restore your peace again, just remove this part:
rua=mailto:your@emailaddress.com;
Sometimes your email address appears another time. You can remove that part too:
ruf=mailto:your@emailaddress.com;
So in the end you would only have something like this left:
v=DMARC1; p=quarantine;
Ok, but should I really remove it? What am I missing out on?
These emails are sent to domain administrators to inform them of issues related to email authentication, like SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) failures.
These notifications are to alert domain owners about potential vulnerabilities or misconfigurations in their email settings, which could lead to spoofing or phishing attacks. It also can alert you to actual spoofing attacks – this is when someone is using your domain name to send emails that appear to be from you.
Generally, you are already doing a lot right by having a DMARC record. If you have set it to “quarantine” or “reject”, spoofing emails will automatically be put in the spam folder or blocked completely.
Check your email authentication setup
You should check your authentication setup by running this quick authentication test. If you pass it, and you are a small email sender, you won’t have any issues removing these alerts. (If you don’t pass it, on the other hand, you need to work on setting it up correctly. This article will help you.)
The thing is, these reports aren’t easy to decipher anyway for someone who isn’t an expert.
If you are still feeling uneasy about not getting the reports, another thing you could do is set up a filter to move the emails into a folder so they don’t clutter your inbox.
Finally, if you are unsure about email authentication, and you want to have it set up by a professional, please consider booking our email authentication service.
For further questions, please leave a comment below!
Our Methodology
This article has been written and researched following our EmailTooltester methodology.
Our Methodology