Configure DMARC for Zimbra mail server 8.8.12

This entry is part 6 of 7 in the series Install Zimbra Mail Server 8.8.12

SystemMen - This article will show you how to configure DMARC for Zimbra mail server 8.8.12.

After configuring DKIM, SPF, we will now configure DMARC. Here are 3 essential information to protect your mail server, so you can send mail securely.

What is DMARC?

According to information from Zimbra, we define DMARC as:

DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is a technical specification created by a group of organizations that want to help reduce the potential for email-based abuse by solving a couple of long-standing operational, deployment, and reporting issues related to email authentication protocols.

It seems a little confusing to you, but you should understand it simply. DKIM combined with SPF, and now DMARC, all of these technologies are primarily to make sending emails from your Zimbra mail server more reliable.

Other mail servers around the world will trust your system, they will distinguish whether your email is fake or not.

Take a look at the image below, the source image from Zimbra. You can understand what DMARC will do in the process of receiving emails.

configure-dmarc-for-zimbra-mail-server-8-8-12-01 Configure DMARC for Zimbra mail server 8.8.12
Describe how DMARC works. Source: Zimbra.

If the DMARC of the email is sent to the pass, the mail will be put into the inbox, otherwise, it may be put into spam or returned.

How to configure DMARC for Zimbra mail server?

Now, we will ask DMARC for Zimbra mail server. How will we do that?

First of all, you need to grasp the following, where is DMARC configured? It does not configure directly on the Zimbra server, it is configured on a public DNS like SPF.

Note: DMARC have to configure on public DNS, not on Zimbra server or internal DNS.

Use DMARC Record Assistant to create DNS record

As well as using the tool to create SPF records, we will also use tools (websites) to create DMARC record for your mail domain.

You can visit this website to create DMARC records.

You enter your domain and select the options as shown in the image below, then click the Get DMARC Record button.

configure-dmarc-for-zimbra-mail-server-8-8-12-02 Configure DMARC for Zimbra mail server 8.8.12
Use DMARC Record Assistant to create record.

You will get the result as image below. You need to pay attention to the following 3 contents:

  • DMARC record for:
  • Record should be published at
  • v=DMARC1; p=quarantine;;; sp=quarantine

Create a public DNS record

Now we will create DNS record for DMARC for your mail domain.

Host recordTypeValue
_dmarcTXT“v=DMARC1; p=quarantine;;; sp=quarantine”

Note: Notice the double quotes in the Value section.

Check that the DMARC record is correctly

Now go to the DMARC test page, enter your domain in the Domain Name box and click the DMARC Lookup button.

If you have set up exactly what I instructed, the results will be correct and the test fields are green.

configure-dmarc-for-zimbra-mail-server-8-8-12-04 Configure DMARC for Zimbra mail server 8.8.12
Use MXToolbox to check DMARC record is correctly.


I have instructed you to configure DMARC successful for your mail domain. Until this article, you have successfully configured DKIM, SPF and DMARC. Once fully set up, your Zimbra mail server can send mail to other mail servers around the world.

In the next article, I will talk about the final part of installing the Zimbra mail server, which is checking the Black List.

Continue reading the series«« Previous part: Configure SPF for Zimbra mail server 8.8.12Next part: Configure reverse DNS for Zimbra and check Black List »»

«« »»