Hi when I use the MXTOOLS for DMARC there's an error can you help me? here's the error.... DMARC Policy Not Enabled What you see when your domain has this problem No DMARC Protection
What do you do when you go to the DNS settings at your registrar and discover that there are already CNAME values in the record, but they are not the same ones provided by your email host? Do you edit the values? Do you add the new values? Do you delete the existing CNAME values and start over? Thanks for the content!
Thanks for your video. I have two email addresses to my business do you know if I should add both to my dmarc records? There seems to be conflicting ideas out there saying it is possible but, they can cause problems adding more than one email address to the dmarc record?
Yet another super helpful tutorial! Some questions: How long should you monitor before switching DMARC from none to quarantine to reject? How do I monitor it, just by the report option? What am I looking for? Lastly, how do I make sure my O365 is processing DMARC for my inbound mail correctly?
I have set all of these up as per the video and I still find some of my emails going to spam on test emails. I only set up the domain and emails yesterday so maybe it will take a few days to sort itself out? Some will go into the inbox I send them to and others will go into spam just seems to be the luck of the draw. Is there anything I may be missing or do new domains usually take a few days to work properly? Thank you. Great video for setting everything up!
This is awesome video, got a ticket where multiple users could not email outbound. Struggled a lot on it since I'm not to experienced with SPF, DKIM, or DMARC but man this video would've 100% helped me a lot if I found it sooner lol.
I set up an automatic reply, but it only works in Teams. Recipients inside and outside the organization aren't receiving an email reply. However, they can see the message header at the top of the email, which displays the automatic reply message in red. Note: This problem only happens with my custom domain. No rules have been set up, and I sued a private window, but it didn't work. I used another domain, and it worked. What could be the reason, and how can I figure it out?
Hey mate, I am tearing my hair out. I'm trying to authenticate a subdomain with Brevo which is an email platform but I use Microsoft for my main domain for emailing. The records are entered in Microsoft but will not authenticate on Brevo's side. Microsoft agents are absooutely useless. I purchased my domain with Crazydomains but they say I have to enter the records with MS as they host my emails which is fine. They are updated. Any ideas?
Excellent video. Is MXtoolbox a good test for DKIM? It never seems to find my DKIM records. I not sure if I'm not using the correct format in my DKIM lookup for what, but I'm sure the DNS records are correct as you've done them here.
@@bearded365guy Arrr I figured out what I was doing wrong with the MXtoolbox DKIM checker. For the selector I was putting email like is shown in the MXtoolbox example. But for M365 the selector is selector1. If I use selector1 in the checker then the result comes back as valid.
Thank you so much @JonathanEdwardsTech. You have just made this thing so much easier to understand and now implement. Am so much more confident in being able to deploy this to my own domain and then go on from there. Keep up the great videos you keep posting.
Thanks for the best explanation I've seen. Most tutorials need another tutorial to explain what they've just said, they tie you in knots. This is the most human way of explaining that I've heard, even just saying "it's not important what DKIM stands for," is a real help.
Great video Jonathan. Two questions. Can I remove the TXT record when the SPF has been verified in O365. Where are the DMARC settings I need to put into my public DNS console? Thanks
No, don’t remove the SPF TXT record For the DMARC settings look at step 4 learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-dmarc-configure?view=o365-worldwide#set-up-dmarc-for-outbound-mail-from-microsoft-365
This is very helpful. Thank you! That said, I am getting an error on DKIM and DMARC within MXtoolbox. Do you have the exact text to copy for DMARC or know where I can find? Also, my CNAME defaults to 14400 TTL. Should I have used 3600 for the DKIM?
Thank you for the clear definitions of each email security checks. Do you have any recommendations for passing the new google strict policies that are being enforced? Wondering if you will make a video regarding those changes? Cheers.
Thanks! Great info. Sucks that M$ doesn't at least create a DKIM record by default when they hold the DNS for a domain in their own nameservers. And FFS, they could at least link from the DNS page to the authentications settings where this is created.
Dude, I did the configuration and after a month my emails went back to the spam folder. Even not sending it to a large number of users. Can you help me with a solution?
Thanks for the content it was super helpful my 365 domains now have the 3 of them. One question, if Im getting what i think is spoofed emails from a company(they contain weird attachments and htmls with phishing) and when I check they dont have DMARC or DKIM but spf is correct. I might be wrong but doesnt SPF should avoid anyone from spoofing their emails? Does that mean that the emails are being sent from a genuine person in their company? Thank you!
Haha i answered myself while reading more about this, the other company is using an SPF record with the ~all which means it will allow softFails, i checked the spoofed mail in question and it said it softFailed. Does that mean that there is no other way to avoid spoofed emails if the companies I work with dont implement DMARC? THx!
This seems be mostly applicable to sending emails outside of our domain, does these setting helps in curbing malicious phising email sent from outside of the domain? or the security is only meant for sending emails outside?
SPF, DKIM and DMARC are all designed to protect against malious use of your domain by others, by enabling recipient systems to identify mail sent by your domain as being genuine - or not! So yes, you're correct, they only apply to mail sent by your domain, they don't provide any protection or filtering against incoming phishing or other malicious or junk email. That's done by your email host and their mail filtering, or by a 3rd party mail filtering service if you use one.
Fantastic video. I look after 365 for a charity I work with and they started getting rejections for email shots to members from Yahoo and it looks like Dkim and Dmarc need setting. It all looks a bit daunting but I think I can give it a go after watching this. Many thanks. Subscribed.
@@recentupdates3272 Thanks. Just getting all my stuff in order as to what to do and where to do it and ill give it a go. Hosting is Zen and I have support for 365 through Microsoft so I should be ok.