Step 1 - Configuring DMARC on Your Domain

Last updated on 2024-03-15 16:27:00

Note that when you first configure DMARC, it is in Reporting Mode only – it reports issues but does not protect against them.
You must complete all three steps of this process to enable DMARC enforcement:

Step 1 - Configuring DMARC on Your Domain (this step)
Step 2 - Working with Email Sources
Step 3 - Enabling DMARC Enforcement

If your Microsoft 365 account is connected to Barracuda Networks, start with Setting up Domain Fraud Protection with Microsoft 365 below. Your domains will already be visible on the Domain Fraud Protection page.
Otherwise, start at Setting up Domain Fraud Protection in Standalone. You will have to manually add and verify your domains.

Setting up Domain Fraud Protection with Microsoft 365

To configure DMARC on your domain, complete the following steps:

Log into Barracuda Domain Fraud Protection at https://login.barracudanetworks.com/signin.
On the left navigation menu select Domain Fraud Protection.
Domains associated with your Microsoft 365 account are visible in the table, with the status of Not Configured. They are verified as your domains and need to be configured for DMARC.
(For information on configuring domains not affiliated with your Microsoft 365 account, see Setting up Domain Fraud Protection in Standalone.)
Locate a domain you want to configure and click Set Up DMARC Reporting and follow the instructions.
Begin by checking that your SPF record is valid. Click Check My SPF.
If your SPF record is valid, you can continue by clicking Configure DMARC.

If you need to configure your SPF record, follow the instructions, then click Check My SPF.
Configure your DMARC record according to the instructions on the screen. After you update your DNS record, wait a few minutes and then click Check My DMARC to confirm the DNS update.
Note that DMARC records are not case sensitive.

Example of a DMARC record: v=DMARC1; p=none; fo=1; rua=mailto:rua+cudadmarctest.net@dmarc.barracudanetworks.com; ruf=mailto:ruf+cudadmarctest.net@dmarc.barracudanetworks.com

Clicking the DMARC value within the wizard will copy the entire string to your clipboard

The status of your domain is now Reporting Only. It will report, but not enforce DMARC.

Repeat this step for all the domains you want to protect with DMARC.

Continue with Step 2 - Working with Email Sources.

Setting up Domain Fraud Protection in Standalone

Domains that do not automatically appear in the Domains table must be set up manually. If you want to configure a domain for DMARC, you must verify ownership of the domain by adding a text record on the domain host service.

To add and configure a domain for DMARC protection:

At the top of the Domains page, click Add Domain for DMARC Reporting.
Provide the Domain Name, in the format example.com, then click Next.
Verify that you own the domain by adding the text record specified in the instructions. Then click Next.
As noted on the screen, this action verifies that you own the domain. It is not used for protecting your domain.
The system verifies your ownership of the domain. Click Finish to complete the process.
Go to the top of the page and follow the instructions for configuring DMARC on this new domain.