Upgrade for Live Support

All of our paid plans come with access to our highly experienced technical support team.

  • Contact us via Email, Phone, or Ticket
  • Detailed Explanation of Your Lookup Results
  • Guidance to Help Resolve Your Problems
  • RFC Compliance Best Practices
  • Blacklist Delisting Support

Let our experts help you resolve your dmarc issue!

Get Dmarc Support

DMARC External Validation

What you see when your domain has this problem
External Domains in your DMARC are not giving permission for your reports to be sent to them. Details area Ignore

More Information About Dmarc External Validation

If you see this error, one of the "rua" or "ruf" email addresses in your report does not have a DNS TXT record verifying that they wish to receive DMARC reports for your domain.

If you want to send your DMARC reports to a domain other than the one that the record is for, then the recieving domain needs to configure a DNS record so that Email Serivce Providers know that the recipient is authorizing the the reports.

From RFC-7489

Verifying External Destinations

It is possible to specify destinations for the different reports that are outside the authority of the Domain Owner making the request. This allows domains that do not operate mail servers to request reports and have them go someplace that is able to receive and process them. Without checks, this would allow a bad actor to publish a DMARC policy record that requests that reports be sent to a victim address, and then send a large volume of mail that will fail both DKIM and SPF checks to a wide variety of destinations; the victim will in turn be flooded with unwanted reports. Therefore, a verification mechanism is included.

For example: If your domain is domain.com and you want to send your reports to mxtoolbox.dmarc-report.com, then the recipient domain (in this case MxToolbox) needs to have a TXT DNS record domain.com._report._dmarc.mxtoolbox.dmarc-report.com which has the content v=DMARC1. Note: This record is something that the recipient of your DMARC reports needs to configure. 

In the majority of cases the recipient domain will create a wild card record, which essentially means the domain is willing to receive DMARC reports for ANY domain. A wildcard record would look like this: *._report._dmarc.example.com with a value of "v=DMARC1"

When you configure MxToolbox to receive your DMARC reports, we are automatically setup to receive your reports.

Your Email Deliverability is in Jeopardy!

Blacklisting is a sign that you are not actively managing your email deliverability. Other technologies - SPF, DKIM and DMARC are now just as important to get your email placed in the Inbox of your recipients. If you aren’t managing email deliverability, your message may never be heard.

MxToolbox Delivery Center Features:

  • Insight into your SPF, DKIM and DMARC configuration to ensure your sending email properly
  • DMARC Compliance checks for all of your reported email
  • Adaptive Blacklist Monitoring of all your email senders
  • Recommendations for improving DMARC compliance and DMARC policies
  • Event-based reminders for emergent issues and on-going maintenance

DMARC is a necessity for your business!

  Learn More about Email Delivery

burritos@banana-pancakes.com braunstrowman@banana-pancakes.com finnbalor@banana-pancakes.com ricflair@banana-pancakes.com randysavage@banana-pancakes.com