DMARC policy is not enabled

Hello, we have added a DMARC record and we could see that the DMARC value is verified.
However, the DMARC policy is not enabled hence we are facing the issue that emails sent are landing into spam. How can we fix this issue?
Image

The DMARC status as shown in your linked image will be shown as PASS or FAIL, as soon as you have a β€œ_dmarc” record set for the domain in header β€œFrom:”, regardless of it’s policy.

Both Google (Gmail) and Yahoo have ramped up their requirements for what messages they want to receive, starting from February 1, 2024.

Is this a test message you sent to yourself, … or?

There are things left out from this screenshot, such as e.g. the From: field.

If that line says:

From: John Doe <[email protected]>

What exactly would the example.com part be?

In addition to that, -

In the large field of message headers below, what exactly do you see, named β€œAuthentication-Results:” and β€œARC-Authentication-Results:”?

1 Like

Hey Thank you, it’s like this . I have send an email to my own personal account. I am not able to find the problem here.

Your screenshot indicates that the problem is an alignment issue. This means that you are not using matching domains as required by DMARC. You can learn more about this in the article linked at the end of this reply.

You sent email using a From domain of coachfoundation.com. You DKIM signed it using the domain kcoachfoundation.com. The domains are different which means that the coachfoundation.com email cannot be authenticated that way.

You dont show the envelope sender, aka the return path, which is used by SPF, but since it passed it has to be in the kcoachfoundation.com domain.

In order for SPF to be used to pass DMARC the return path domain needs to match the From domain. We know that your message does not have a coachfoundation.com address in the return path because that domain has an invalid SPF caused by the 18 DNS lookups required to complete it. SPF has a hard limit of 10 DNS queries.

You can see the problems with that SPF record in the dmarcian SPF Surveyor.

You can learn about the alignment requirements of DKIM in this article.

Hey, Thank you for helping me out here.

1 Like

Hey, How can i fix up my SPF as we need those records?

You are going to need to review the content of the invalid record and identify unnecessary data that is causing the record to exceed the limits. There is no magic solution. It is going to require knowledge of both your infrastructure and how SPF works as well as hard work.