Windows 2025
Sponsored Link

DNS Server : Add DMARC record2024/11/28
 

Configure a DMARC (Domain-based Message Authentication, Reporting, and Conformance) record to indicate that your mail server is protected by SPF/DKIM.

DMARC is a setting that registers in your DNS record what to do when SPF or DKIM authentication fails, and instructs the recipient of the email.
Therefore, configure SPF record setting and DKIM setting on Mail server side in advance.

For information on how to write an DMARC record, please see [2] here.

[1] Configure a DMARC record in the zone file that contains the target domain name. 
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

# set the contents of the DMARC record and register it
PS C:\Users\Administrator> $recordtext="v=DMARC1; p=none;" 
PS C:\Users\Administrator> Add-DnsServerResourceRecord -Name "_dmarc" -DescriptiveText $recordtext -Txt -ZoneName "srv.world" -PassThru 

HostName                  RecordType Type       Timestamp            TimeToLive      RecordData
--------                  ---------- ----       ---------            ----------      ----------
_dmarc                    TXT        16         0                    01:00:00        v=DMARC1; p=none;

PS C:\Users\Administrator> Get-DnsServerResourceRecord -ZoneName "srv.world" | Format-Table -AutoSize -Wrap 

# DMARC record has been added
HostName RecordType Type Timestamp TimeToLive RecordData
-------- ---------- ---- --------- ---------- ----------
@        NS         2    0         01:00:00   rx-7.srv.world.
@        SOA        6    0         01:00:00   [8][rx-7.srv.world.][hostmaster.srv.world.]
@        TXT        16   0         01:00:00   v=spf1 +ip4:172.16.0.82 -all
_dmarc   TXT        16   0         01:00:00   v=DMARC1; p=none;
fd3s     CNAME      5    0         01:00:00   rx-7.srv.world.
rx-7     A          1    0         01:00:00   10.0.0.101
RX-8     A          1    0         01:00:00   10.0.0.102
RX-8     MX         15   0         01:00:00   [10][rx-8.srv.world.]

# verify
PS C:\Users\Administrator> Resolve-DnsName _dmarc.srv.world -Server 127.0.0.1 -Type txt 

Name                                     Type   TTL   Section    Strings
----                                     ----   ---   -------    -------
_dmarc.srv.world                         TXT    3600  Answer     {v=DMARC1; p=none;}

# if remove it, run like follows
PS C:\Users\Administrator> Remove-DnsServerResourceRecord -ZoneName "srv.world" -RRType "TXT" -Name "_dmarc" -RecordData "v=DMARC1; p=none;" -PassThru 

Confirm
Removing DNS resource record _dmarc of type TXT from zone srv.world on RX-7 server. Do you want to continue?
[Y] Yes  [N] No  [S] Suspend  [?] Help (default is "Y"): Y

HostName                  RecordType Type       Timestamp            TimeToLive      RecordData
--------                  ---------- ----       ---------            ----------      ----------
_dmarc                    TXT        16         0                    01:00:00        v=DMARC1; p=none;
DNS Server : Add DMARC record (GUI)
 

On GUI configuration, set like follows.

[2] Run Server Manager and select [Tools] - [DNS], next right-click the domain name to show menu on the left pane, then select [Other New Records].
[3] Select [Text (TXT)] .
[4] Enter [_dmarc] in the [Record Name] field at the top, and enter the text you want to set for DMARC in the [Text] field at the bottom.
[5] You will be returned to the original screen, so click the [Done] button to complete the setup.
[6] The TXT record for DMARC has been added.
Matched Content