Step by step guide to operate through KDMARC:
Watch the below vidoes to get an idea of the product.
https://drive.google.com/file/d/122ptFmMk0cY10GyulcFq1jtTa0bvJ-St/view?ts=5f8047d7
First step is to add and verify your domain in the Domains section. Once you add the domain you will be given two records one SPF TXT and one DMARC CNAME that you have to update over your DNS.
Here is a video to help you get started with KDMARC: https://youtu.be/sdC0IhPONtY
Please read the article below on how to set up your domain. Once you have verified your domain you will start seeing data on your dashboard, give it a week for data to fully populate.
https://helpdesk.kratikal.com/portal/en/kb/articles/how-to-add-a-new-domain
Once the data starts population on your dashboard, you will start seeing different sections with numbers and colours. PFB the detailed article regarding
How to read the dashboard data
After the data has populated you need to identify the legitimate users of your domain. Our Sources section allows you to view the vendors sending emails from your domain. Configure SPF and DKIM for all your legitimate sources, as you do this you will see your SPF, DKIM and DMARC percentages on the dashboard will increase.
As SPF and DKIM are vendor related you need to contact your sources for these records.
Read the below article to understand the sources section in Detail:
https://helpdesk.kratikal.com/portal/en/kb/articles/how-to-analyze-sources
After identifying your legitimate sources go to the Smart SPF section to add and manage your SPF records directly from the tool and add your DKIM on your DNS.
Read the below article for more information.
https://helpdesk.kratikal.com/portal/en/kb/articles/how-smart-spf-works
Once you have correctly configured your SPF and DKIM for all your genuine sources you can use the KDMARC assessment tool in the KDMARC tools section to know if they have been configured correctly. Just send a test mail, from each source and domain you would like to test for DKIM, SPF and DMARC configuration, to the email address provided. You can also view details to get in-depth information of your mail flow.
You can also use https://kdmarc.com/domain-checker? To check your domain configuration.
PFB the article on how to access the email assessment tool:
https://helpdesk.kratikal.com/portal/en/kb/articles/how-to-use-investigate-tool
Note: If your DMARC policy is set to none, you will the message that “Valid DMARC record not found” as none is just the monitoring policy for your outbound mail flow. This will change once you move to higher DMARC policies like quarantine and reject.
If you see that even after setting up SPF and DKIM records your sources still fail DMARC then you can go to the sources section to get more information and to find the possible reason leading to emails failing DMARC. It might be due to from domain and SPF domain alignment as the return path is not set up.
PFB article on understanding the difference between SPF and SPF result and DKIM and DKIM result:
What is the difference between SPF results and SPF?
What is the difference between DKIM results and DKIM?
Once everything is configured correctly you can move to higher DMARC policies to stop unauthorized senders from utilizing your domain.
PFB the below article on how to use SMART DMARC to change your DMARC policies:
https://helpdesk.kratikal.com/portal/en/kb/articles/what-is-smart-dmarc
https://helpdesk.kratikal.com/portal/en/kb/articles/how-smart-dmarc-works
Note: This feature is only available when you add the CNAME DMARC record over your DNS. The CNAME record will enable you to manage your DMARC settings directly from the dashboard.
You can also go to the Classification section to identify the genuine sources and authorize them, for accurate analysis of the sources posing threat to your domain. In case you don’t classify a genuine source, it may lead you to falsely perceive that source as a threat.
https://helpdesk.kratikal.com/portal/en/kb/articles/what-is-classification-and-how-is-it-useful
Feel free to contact the support@kratikal.com if you face any queries.