How to add a DMARC record in cPanel Zone Editor

Category: cPanel

DMARC is a DNS record that tells receiving mail servers what to do with messages that claim to come from your domain but fail SPF or DKIM checks. Having it set up helps your legitimate email reach the inbox and makes it harder for someone to spoof your domain.

In this guide you’ll check whether your domain already has DMARC and then add or update the TXT record from Zone Editor in cPanel.

Before you start

  1. Your domain must use cPanel’s DNS for your account. If your DNS is hosted elsewhere (for example Cloudflare or your registrar), add the same value in that panel or contact support.
  2. You should already have SPF and DKIM set up, because DMARC builds on those two checks.
  3. You need a mailbox you control so you can receive the DMARC reports.
  4. Check whether your domain already has a DMARC record, so you don’t create a duplicate.

Open Zone Editor

  1. Log in to cPanel.
  2. In the Domains section, open Zone Editor.

Find Zone Editor in cPanel

  1. Find your domain in the list and click Manage.

Click Manage for the domain

Check whether DMARC already exists

  1. Inside Manage Zone, use the TXT filter or the Filter by name field to search for _dmarc.
  2. If you see a record such as _dmarc.yourdomain.com., do not create another one. Click Edit to update it.
  3. If no DMARC record appears, click Add Record to create a new one.

Existing DMARC record in Zone Editor

Add or update the record

  1. If you are creating a new record, select TXT under Type.
  2. In Name, enter _dmarc. If cPanel completes the domain automatically, you’ll see something like _dmarc.yourdomain.com..
  3. Leave TTL at its default value, or use a lower value if you want the change to apply sooner.
  4. In Record, enter a safe starter value: v=DMARC1; p=none; rua=mailto:postmaster@yourdomain.com
  5. Replace postmaster@yourdomain.com with an email address you control.
  6. Save the change with Save Record if you are creating a new one, or with Save Record / Save All Records if you are editing an existing row.

How to verify the record

  1. Wait for propagation, which can take from a few minutes up to 24-48 hours.
  2. Go back to Zone Editor and confirm the _dmarc TXT record shows the value you saved.
  3. Use an online DMARC lookup tool, or run nslookup -type=TXT _dmarc.yourdomain.com from your own computer, to confirm the value is published.
  4. Make sure the lookup returns only one DMARC record.

Common errors

  1. Having more than one DMARC record: only one _dmarc TXT record should exist. With two, mail servers may ignore them.
  2. Using a rua= address that doesn’t exist or that you don’t manage.
  3. Forgetting v=DMARC1; at the start of the value: it’s required and must come first.
  4. Starting with p=reject or p=quarantine without monitoring first: always begin with p=none.
  5. Editing DNS at the wrong provider when your domain uses external DNS.
  6. Leaving extra spaces or quotes when pasting the record value.

Still need help?

If this guide didn’t solve your issue, our team can help you via ticket.