# How to add a DMARC record on Cloudflare In this article, we'll be looking at how you can add a DMARC record. WHAT IS DMARC? According to DMARCian [https://dmarcian.com/why-dmarc/], Domain-based Message Authentication Reporting and Conformance (DMARC) is a free and open technical specification that is used to authenticate an email by aligning SPF [https://dmarcian.com/what-is-spf/] and DKIM [https://dmarcian.com/what-is-dkim/] mechanisms. By having DMARC in place, domain owners, large and small, can fight business email compromise, phishing, and spoofing. Co-authored by DMARCian’s founder, DMARC was first published in 2012. With DMARC, you can tell the world how to handle the unauthorized use of your email domains by instituting a policy in your DMARC record. The three DMARC policies are: p=none Monitors your email traffic. No further actions are taken. p=quarantine Sends unauthorized emails to the spam folder. p=reject The final policy and the ultimate goal of implementing DMARC. This policy ensures that unauthorized email doesn’t get delivered at all. HOW DOES DMARC WORK? DMARC is based upon the results of SPF and/or DKIM, so at least one of those has to be in place for the email domain. To deploy DMARC, you need to publish a DMARC record [https://dmarcian.com/dmarc-record/] in the DNS. A DMARC record is a text entry within the DNS record that tells the world your email domain’s policy after checking SPF and DKIM status. DMARC authenticates if either SPF, DKIM, or both pass. This is referred to as DMARC alignment [https://dmarcian.com/alignment/] or identifier alignment. Based on identifier alignment, SPF and DKIM pass, but DMARC may fail. A DMARC record also tells email servers to send XML reports back to the reporting email address listed in the DMARC record. These reports provide insight into how your email is moving through the ecosystem and allow you to identify everything that is using your email domain. WHY USE DMARC FOR EMAIL? Email is involved in more than 90% of all network attacks, and without DMARC, it can be hard to tell if an email is real or fake. DMARC allows domain owners to protect their domain(s) from unauthorized use by fighting phishing, spoofing, CEO fraud, and Business Email Compromise. By always sending DMARC-compliant email, the operator of an Internet domain can tell the world, “everything I send is easy to identify using DMARC—feel free to drop fake email that pretends to be me.” DMARC’s utility as an anti-spoofing technology stems from a significant innovation; instead of attempting to filter out malicious email, why not provide operators with a way to easily identify legitimate email? DMARC promises to replace the fundamentally flawed “filter out bad” email security model with a “filter in good” model. BENEFITS OF DMARC If you use email, you’ll benefit by incorporating DMARC. When strong security controls are deployed against fraudulent email, delivery is simplified, brand reliability increases, and visibility is granted to domain owners on how their domains are being used around the Internet. Security Disallow unauthorized use of your email domain to protect people from spam, fraud, and phishing. Visibility Gain visibility into who and what across the Internet is sending an email using your email domain. Delivery Use the same modern plumbing that mega companies use to deliver email. Identity Make your email easy to identify across the huge and growing footprint of DMARC-capable receivers. ADDING THE RECORD TO YOUR CLOUDFLARE ACCOUNT Adding the record to your Cloudflare account is simple and easy. Follow the steps below 1. Log in to your Cloudflare account 2. Head over to manage a domain 3. Click on DNS settings 4. You should see an alert to add a DMARC policy for your domain     5. Add an email you'd like all your DMARC reports to be sent to (Please make sure that this email address is an email address that is not in usee as there will be a lot of DMARC reports sent at a time)        Our suggestion: Create an email address dmarc@yourdomain [dmarc@yourdomain] and use it as an address for reports to be sent to.       After entering the email address, click on the submit button and hit the confirm button. You're done! Please rate the article below. Should you require help, please create a support ticket.