WP Engine Products

WordPress Hosting

Boost performance while managing less

WooCommerce Hosting

Build faster and sell more with WooCommerce

Headless WordPress

Build, deploy, and manage headless sites

View More Products

Solutions

Small Businesses

Enterprises

Agencies

eCommerce

View More Solutions

Website Tools

Smart Plugin Manager

Website Tester

Website Monitoring

WordPress Themes and Tools

Local WordPress Development

Featured Plugins

Advanced Custom Fields

Build rich, custom content editing experiences

WP Migrate

Migrate WordPress sites with confidence

WP Offload Media

Offload media assets & serve them lightning fast

WP Offload SES

Improve email send reliability with Amazon SES

View More Recommended Plugins

WordPress Resources

WP Engine Resources

Articles and videos for help with WordPress

WP Engine Help Docs

Guides for site setup & troubleshooting

Free Website Migration

Automated migration plugin & support

Find a WordPress Agency

Need help? Search our agency directory

Stay Connected

WP Engine Blog

Builder Community

Headless Developer Community

Torque Magazine

Velocitize Magazine

Thought Leadership

Velocitize Talks

Erik Posthuma of Aleph-labs on Web3, Cryptocurrency, & More

Podcast

Press This, the WordPress Community Podcast

Study

The World’s First Study of the WordPress Economy

Why WP Engine?

Our Platform Technology

Managed WordPress Hosting

Fast WordPress

Secure WordPress

24/7 WordPress Support

About Us

WP Engine Reviews

How You Win with WP Engine

Build faster, protect your brand, and grow your business with the #1 WordPress platform to power remarkable online experiences.

Learn More

Customer Spotlight

Peak Performance With Headless WordPress

Android Authority increases speed 6x by adopting a headless architecture with a WordPress back-end.

All Case Studies

Contact sales

Call Us

+1-512-273-3906 to talk to a sales expert

Request a Quote

Submit a request for a personalized plan recommendation

Let’s Chat

Customer Support

Support Articles

Billing Help

Password Help

Log In for Support
Easiest Migration Ever!

Need Help Choosing a Plan?

We offer solutions for businesses of all sizes. For questions about our plans and products, contact our team of experts. Get in touch

Support Center
Setup A Site
Account & Features
Platform Information
WordPress Help
Troubleshoot
Browse All

DMARC Policies for Email Deliverability

Last updated on May 31st, 2023

DNSemailTroubleshoot

If you send email from an address associated with your domain name you can use a DMARC record to help improve the trustworthiness of your email communications among your recipients. WP Engine does not host DNS or email, however it’s  still important to understand what can be done to improve email deliverability if you’re having issues.

Contents hide
1 About DMARC
2 Configure DMARC
3 Best Practices for Email Records with WP Engine
3.1 SPF (Sender Policy Framework) Records
3.2 DKIM (Domain Keys Identified Mail) Records

About DMARC

DMARC stands for Domain-based Message Authentication Reporting and Conformance. It exists to improve reporting on email trustworthiness, and therefore encourage successful email delivery. DMARC uses the SPF and DKIM protocols in 3 primary ways:

  1. Adding From: fields
  2. Setting policies for how to handle rejection and delivery failures
  3. Adding regular reporting from recipients to domain owners

After an email passes standard validation tests (checking whether the sender’s IP was blocklisted, etc), the recipient’s mail server validates the DKIM and SPF records and applies the DMARC policy.
Then, a report of how the email server handles the email message (accept, quarantine for extra checks, or reject) is generated and sent on a regular basis to the domain owner.

source: https://dmarc.org/overview/

You can find great documentation as to how DMARC works on their Overview page (external link).

Configure DMARC

DMARC policies are set with your DNS host as a TXT record. The values you set in the TXT record make up the DMARC policy. DMARC TXT records adhere to a tag=value;tag=value format. There are a number of DMARC tags that can be used when configuring your DMARC records. See DMARC documentation for more information.

The DMARC documentation gives the following example TXT record for “sender.dmarcdomain.com”:

v=DMARC1;p=reject;pct=100;rua=mailto:[email protected]

Let’s dissect the pieces of this record a bit further to understand what they mean.

  • v=DMARC1 is the type of TXT record, or protocol version. We are using DMARC1 as the value in this scenario.
  • p=reject is the action that should be taken by recipients if a message they received does not align with SPF and DKIM records. In this case the record says to reject any messages that do not align with the policy.
  • pct=100 is the percentage of emails that are subject to filtering by recipients. In this example, 100% of emails should be filtered.
  • rua=mailto:[email protected] says to send the aggregate reports generated to the [email protected] email address.

NOTE

DMARC is configured with your DNS provider, therefore WP Engine Support cannot assist with configuring or troubleshooting these records.

Best Practices for Email Records with WP Engine

It is always recommended to use a third party email host, rather than sending from WP Engine’s default mail services. This allows more control for your team over the sending policies and logging.

However, if you must send regular WordPress email (password resets, etc) through WP Engine you may need to ensure our mail relay services are allowlisted in your email records.

Both record types below will be configured with your DNS host.

SPF (Sender Policy Framework) Records

WP Engine servers use the email relay service MailChannels to deliver emails sent from WordPress. As such, we highly recommend allowlisting email sent through MailChannels in your SPF records.

An SPF record is set as a TXT record similarly to DMARC, like so:

v=spf1 include:relay.mailchannels.net ~all

If you already have an SPF record, simply add the MailChannels relay to the existing record rather than adding a separate record. For example: v=spf1 include:sendgrid.net include:mailgun.org include:relay.mailchannels.net ~all

DKIM (Domain Keys Identified Mail) Records

This record authenticates an email message and notes if it was truly sent from your domain. Setting up DKIM involves determining which domains are approved to send mail for you, and then generating a public/private key pair.

Your public key will be added as a TXT record created at your DNS host, while your private key will be saved with your mail relay service. As WP Engine does not host your email records, our Support team cannot assist you in finding the proper value for this record or in storing the private key for mail relay services.

NEXT STEP: Learn how to configure a third party email host

Still need help? Contact support!

We offer support 24 hours a day, 7 days a week, 365 days a year. Log in to your account to get expert one-on-one help.

Log in for one-on-one help

The best in WordPress hosting.

See why more customers prefer WP Engine over the competition.

See Our Products

See Our Plans