To start off with TDMARC, you need to follow the below-given steps.
Step 1: You have to add a CNAME for the host –_dmarc and SPF in your domain.
For “_dmarc.Example.com”, the CNAME will be “Example.com.dmarc.tdmarc.com“.
For SPF Record: v=spf1 include: Example.com.spf.tdmarc.com~all. Hard fail and Soft fail will depend on your previous SPF record. Basically, our entry New Entry will be encapsulating the Existing Entries for your domain.
Note: Initially, we start with “P = none” so that you can analyze the threat level of the domain and how is the domain being used. After some time, we can set the policy as per your requirement or you can change it yourself.
Step 2: It will take some time for the set policy to reflect back in DNS.
Step 3: Once the report starts getting generated, we will provide you with the credentials of TDMARC dashboard.
DMARC policy for your main domain will also cover subdomains unless you want to set a different policy for a subdomain. If you want to set a policy for a specific domain, then, you can use the “sp=” tag in your DMARC record to specify a policy for your subdomains.
Step 4: Once reports are received you will be able to see the sources that send an email on your behalf and any passes or failures with regards to SPF and DKIM for each source. The results of SPF and DKIM are shown with respect to the DMARC identifier alignment.
Step 5: As we provide dynamic SPF and dynamic DMARC, you can make changes in the SPF record or DMARC record by going into the DOMAIN option and change the policy from there.
Step 6: We will provide you with a brief report of your domain every week.