What are SPF and DMARC?
SPF (Sender Policy Framework) and DMARC (Domain-based Message Authentication Reporting & Conformance) are two email security protocols which help stop cybercriminals or other unauthorized people from sending emails pretending to be from your domain name (e.g. yourorganization.com). This will help you to cut down on spam or malicious emails potentially being associated with your domain name and organization.
If you want to learn more about SPF, DMARC, and DKIM (another related email security protocol) then we would suggest this article from Cloudflare which explains it in more detail.
How do I fix this issue?
To make sure that SPF and DMARC are setup and functioning appropriately, you will need to make changes in two places. One is going to be configuring your email server and the other is updating your domain’s DNS records.
- Email Server
- If your email provider is Google Suite, they have an article about how to setup SPF and DMARC for your organization.
- If your email provider is Microsoft 365, then you can find an article here about configuring SPF and an article here about configuring DMARC.
- If your email is provided by your IT service provider or a web hosting company, then contact them for support or instructions on how to make changes.
- Domain DNS Record
For most organizations, your DNS records will be managed through the same company where you bought your domain name. For example, you can get instructions on how to update your DNS records at GoDaddy or Namecheap if they are your domain registrar and/or web hosting provider. If your DNS records cannot be changed with your domain registrar, then check with the company which hosts your website for support or instructions.