Hexamail Nexus Administration Guide - DKIM Selector - DMARC

DMARC

DMARC standardizes how email receivers perform email authentication using the well-known SPF and DKIM mechanisms. This means that senders will experience consistent authentication results for their messages at AOL, Gmail, Hotmail, Yahoo! and any other email receiver implementing DMARC. This is hoped to encourage senders to more broadly authenticate their outbound email which can make email a more reliable way to communicate. A DMARC policy allows a sender to indicate that their emails are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods passes – such as junk or reject the message. DMARC removes guesswork from the receiver’s handling of these failed messages, limiting or eliminating the user’s exposure to potentially fraudulent and harmful messages. DMARC also provides a way for the email receiver to report back to the sender about messages that pass and/or fail DMARC evaluation.

DMARC

   Domain-based Message Authentication, Reporting and Conformance

Domain Policy Type
The policy that defines how you would like the ISPs to handle messages that failed SPF and DKIM. If you are unsure if your domain is authenticating all emails choose 'None'. You will still receive reports.
None
Subdomain Policy Type
The policy that defines how you would like the ISPs to handle messages that failed SPF and DKIM from a sub domain. If you are unsure if your sub domains is authenticating all emails choose 'None'. You will still receive reports.
None
DKIM Identifier Alignment
If your emails adhere to strict DKIM, you can set to "Strict". We recommend leaving it as "relaxed".
Relaxed
SPF Identifier Alignment
If your emails adhere to strict SPF, you can set to "Strict". We recommend leaving it as "relaxed".
Relaxed
Aggregate Email To (RUA)
The email where you want to receive reports from the ISPs of which messages failed SPF and DKIM checks (DMARC) for your domain.
RUA Max Size
The maximum size of of the RUA email files to send, most email servers have size restrictions. Set to 0 to not enforce a size restriction.
2 mbytes
Forensic Email To (RUF)
The email where you want to receive sample messages that are failing SPF and DKIM checks (DMARC) for your domain.
RUF Max Size
The maximum size of the RUF email files to send, most email servers have size restrictions. Set to 0 to not enforce a size restriction.
2 mbytes
Report Format
You can choose to have reports sent in one of two different formats, 'iodef' Incident Object Description Exchange Format or 'afrf' Authentication Failure Reporting Format.
afrf
Report Interval
The time in minutes that aggregate reports should be generate between 1 and 999999. 1440 represents 1 day
1440 mins
Percent to check
The percent of the messages from your domain you want to ISPs to check, we recommend 100%
100 %

   DNS Entries Required

Refresh Key
DMARC Record