methodology / Security & Infrastructure / #1

DMARC enforcement

live factor #1 · Security & Infrastructure · scoring impl: implemented · weight 3.3%

What we measure

DMARC tells the world to only trust emails that actually came from your domain. Without an enforced policy, anyone can send emails that appear to come from you — and most inboxes will deliver them.

How to improve your score

Add a `_dmarc.<domain>.com` TXT record: `v=DMARC1; p=quarantine; rua=mailto:rua@yourdomain.com` (or `p=reject` for stricter enforcement). Verify with mxtoolbox.com/dmarc.

Data source

Free DNS-over-HTTPS lookup of `_dmarc.<domain>` TXT record cost: Cloudflare 1.1.1.1 DoH — free, unlimited

Implementation notes

Already implemented. Score awards full points only for `quarantine` or `reject`. `p=none` gets partial credit.

Scoring

Scoring formulas are versioned with the methodology. The current method (v1.1.0) maps raw measurements to pass, warn, fail. Factor weights determine how much each contributes to the composite — see the methodology index for the full table.

Version history

← back to methodology