OOPS! In writing this post I found my error!! I’m leaving the post in case someone else can benefit from my mistake and correction.
If you read below, you’ll see I had both the DKIM and DMARC records with NAME: default._domainkey. The DMARC record should be NAME: _dmarc.
Once I made the correction the DMARC propagated instantly.
The past months I’ve had problems with my emails going into spam boxes and causing quite a lot of problems.
I added a DMARC and CNAME record to CloudFlare weeks ago and tested. The record propagated fairly quickly. I checked with MXToolbox.com, dmarcian.com, and other tools. Also checked the email status by sending an email to gmail and checking status and headers.
All looked OK. Except all tests show the same warning like this one from Dmarcian.
[domain name replaced with x’s in the following]
Your domain has a valid DMARC record but the DMARC policy does not prevent abuse of your domain by phishers and spammers.
After a week I changed the DMARC record on CloudFlare to p=reject from p=none.
All the tests still show the old record with p=none after more than 3 weeks!
The current records added on CloudFlare:
default._domainkey.xxxxxx.com has a record with content v=DMARC1; p=reject; sp=none; pct=100; rua=mailto:[email protected]; ruf=mailto:[email protected]; ri=3600; fo=1.
Name: default._domainkey Here was my error, should be _dmarc
Content: v=DMARC1; p=reject; sp=none; pct=100; rua=mailto:[email protected]; ruf=mailto:[email protected]; ri=3600; fo=1
What have I done wrong? Is there something I should do to get the updated DMARC into play?