DMARC alert on site health check

Hi @cfm168,

Thanks for reaching out. You can check the MX Lookup tool to check if your domain has a DMARC record. Please note that the DNS propagation might take up to 48 hours. In case it helps, we have an article on the DMARC record that you might want to check.

I hope this helps!

@sanzeeb3,

Thank you for your prompt response. After checking MX lookup, I found 2 issues:
DMARC Record Published – No DMARC Record found
DMARC Policy Not Enabled

I will wait 2 more days for the DMARC Record and let you know.

Please advise how to enable DMARC Policy?
My domain email is hosted by Google, should I enable it from Google? how?

Thanks in advance!

My domain emails are hosted by Google. Do I have to select Google/Gmail as mailer and create web app from Google Claud Platform? I do not want to use Google as mailer because this will allow wpmailsmtp.com to Read, compose, send and permanently delete all my email from Gmail, it sounds too frightening.

Instead, in order to setup DMARC, can I select my web host’s smtp as mailer?

I am using my host’s smtp as mailer and it works fine. I had problems with the DKIM Signature when sending emails via Contact Form 7 and the normal WordPress way, but when I used WP Mail SMTP and chose Other SMTP with the smtp of the host, encryption SSL (TLS didn’t work for me), the right port, authentication On, filled in the username and password, it worked. The DKIM Signature also showed up.

Hopefully this helps for you.

Hi @wendihihihi,

Thank you for your post. I tested with encryption SSL instead of TLS, still not working even test email is sending. Still showing DMARC- Action Recommended alert.

My domain email is hosted by Gmail. I’m wondering Chose Other SMTP(my website host provider) cause the problem?

Not sure if I can select Other SMTP and setup with below:
SMTP Host: smtp.gmail.com
Encryption: TLS
SMTP Port: 587 (or 465 using SSL encryption)
Authentication: On
Username: Your Gmail account email address (e.g., [email protected])
Password: Your Gmail account password`

Maybe I am missing the problem, but if you would use Outlook on your pc, you will also allow it read, compose, send and permanently delete all my email from Gmail if you are using imap.

If you want to keep your email hosting at Gmail and use your webhost’s smtp as mailer, I don’t think that will work.

Maybe I’m going a bit too far off, but if you want to keep it in your own hands, you could try this. Maybe it works for mail hosted at Google.

First, you’ll need to add this snippet to your wp-config.php file — make sure to replace the example data with your own:

// Configures WordPress to use SMTP server
    define( 'SMTP_USER',   '[email protected]' );    // Username to use for SMTP authentication
    define( 'SMTP_PASS',   'SMTP_PASSWORD' );       // Password to use for SMTP authentication
    define( 'SMTP_HOST',   'smtp.smtpserver.com' );    // The hostname of the mail server
    define( 'SMTP_FROM',   '[email protected]' ); // SMTP From email address
    define( 'SMTP_NAME',   'FROM_NAME' );    // SMTP From name
    define( 'SMTP_PORT',   '25' );                  // SMTP port number - likely to be 25, 465 or 587
    define( 'SMTP_SECURE', 'tls' );                 // Encryption system to use - ssl or tls
    define( 'SMTP_AUTH',    true );                 // Use SMTP authentication (true|false)
    define( 'SMTP_DEBUG',   0 );                    // for debugging purposes only set to 1 or 2

Then, you’ll also need to add this code snippet to the functions.php file of your theme.

// Configures SMTP authentication
    add_action( 'phpmailer_init', 'send_smtp_email' );
    function send_smtp_email( $phpmailer ) {
    	$phpmailer->isSMTP();
    	$phpmailer->Host       = SMTP_HOST;
    	$phpmailer->SMTPAuth   = SMTP_AUTH;
    	$phpmailer->Port       = SMTP_PORT;
    	$phpmailer->Username   = SMTP_USER;
    	$phpmailer->Password   = SMTP_PASS;
    	$phpmailer->SMTPSecure = SMTP_SECURE;
    	$phpmailer->From       = SMTP_FROM;
    	$phpmailer->FromName   = SMTP_NAME;
    }

I’m wondering, is there actually a DMARC policy in your zone editor at Dreamhost?
https://help.dreamhost.com/hc/en-us/articles/360022808632-Creating-a-DMARC-policy

Hi @cfm168,

Thank you for the details. You may not necessarily configure the Gmail mailer, the Other SMTP with your web host’s SMTP should also work fine. The DMARC record is specific to your domain and does not relate to the mailer you’ve configured.

Please contact your web host provider (Dreamhost) to add the DMARC record. Note that DMARC record is not mandatory for email deliverability. If you are facing issues with email delivery, you might have to switch to other mailers such as Google instead of using ‘Other SMTP’. Those permissions you’re concerned about are required for the mailer to send emails from your site.

Not sure if I can select Other SMTP and setup with below:
SMTP Host: smtp.gmail.com
Encryption: TLS
SMTP Port: 587 (or 465 using SSL encryption)
Authentication: On
Username: Your Gmail account email address (e.g., [email protected])
Password: Your Gmail account password

You can absolutely use Gmail SMTP as well. Just note that you might need to use an App-specific password instead of your regular Gmail account password. This is specifically required if you have two-factor authentication enabled. Generally, a built-in Gmail mailer is considered more secure than this SMTP approach.

Please do not use the code snippet described above. @wendihihihi – that will overwrite the functionality of WP Mail SMTP.

I hope this clarifies!

@sanzeeb3 thanks. Good to know.

3 days ago my web host provider already added the DMARC record as:
v= DMARC1; p=none; fo=1; rua=mailto:[email protected];ruf=mailto:[email protected];pct=100

With my web host’s SMTP, emails delivery are working fine. But still not clear the DMARC alert. Please advise.

There is a typing mistake in the info email in the DMARC record. It says sicks instead of sticks.

Hi @cfm168 – Unfortunately, I’m not able to check the record without your domain name. If you don’t see a DMARC record in your domain while checking in MX Toolbox, it’s likely that it’s still not added. You should still check with your web host and share the output from MX Toolbox, or your DNS isn’t controlled by your web host.

I hope this helps!

Hi @cfm168, I was able to check your DMARC record with your domain name and found a typing mistake. See my previous post. You don’t need to check with your webhost first but fix the typo first.

I hope this helps

Corrected the typo doesn’t help.

I just added DKIM to my domain DNS (suggested by my web host provider). Will see after 2 days later.

You need to be more careful filling in the key. You wrote v= DMARC1. Notice the space between the = and the D?

I think it’s better to use a DMARC generator, like this one https://easydmarc.com/tools/dmarc-record-generator/

There you can also check if there are any errors. mxtoolbox won’t give you any info on those.

I don’t know how long it takes for the DMARC to show up at mxtoolbox. Might take more time than on easydmarc. It’s valid now.

Just saw that mxtoolbox also shows it’s valid now.

So you can also check the others like DKIM…

• This reply was modified 2 years, 11 months ago by Wendihihihi.
• This reply was modified 2 years, 11 months ago by Wendihihihi.