dmarc
5 posts
- 01dmarc5 min read
How to Set Up SPF, DKIM & DMARC for Microsoft 365
The exact SPF record, the two DKIM CNAMEs, and the DMARC record Microsoft 365 needs — plus the Defender-portal step that actually turns DKIM signing on for your domain. A no-consultant setup.
- 02dmarc6 min read
How to Set Up SPF, DKIM & DMARC for Google Workspace (2026 Guide)
The exact SPF, DKIM, and DMARC records Google Workspace needs — in the right order, with the gotchas that quietly break authentication. A no-consultant setup you can finish in an afternoon.
- 03dmarc6 min read
Subdomain DMARC: Why the sp= Tag Matters More Than You Think
Does p=reject cover your subdomains? Usually yes — but one tag can silently undo it. How subdomain policy inheritance really works, and how to lock down the dormant subdomains attackers love.
- 04dmarc4 min read
Reading DMARC aggregate reports: what the XML is actually telling you
Aggregate reports are how you find out who is sending as your domain — legitimate or not. Here's how to read the XML, what each field means, and how to spot spoofing.
- 05dmarc6 min read
The DMARC rollout playbook: none to reject without breaking mail
Moving from p=none to p=reject is where most DMARC projects stall — usually from fear of blocking legitimate mail. Here's a staged, evidence-driven path to full enforcement.