The new advancedDmarcOptions
feature allows you to configure your DMARC records with greater flexibility and precision. It supports tag overrides, tag removal, inheritance from root domain records, and adding missing tags. This feature ensures better management of DMARC configurations, allowing complex updates in a single request.
When configuring DMARC records, it’s important to ensure that the value
field accurately reflects the desired final DMARC configuration. If the existing DMARC record is invalid, overrides cannot be applied effectively. For example, if a DMARC record is missing a required policy (p
tag) and the user attempts to update the rua
tag, the system will not be able to modify the invalid record. In such cases, the value
provided in the request will be used as-is.
The advancedDmarcOptions
object can be included in your DMARC record configuration. This object supports the following keys:
inheritRootDmarc
: Inherit the DMARC settings from the root domain for subdomains.overrideTags
: Override specific tags in the existing DMARC record or add them if they do not exist.removeTags
: Remove specific tags from the DMARC record.addTagsIfNotExist
: Add tags to the DMARC record only if they are not already present, ensuring certain tags are included without overriding existing values.Here’s an example of a DMARC record using advancedDmarcOptions
:
inheritRootDmarc
is set to true
.overrideTags
object to modify existing DMARC tags. For example, change the policy from none
to quarantine
or update reporting email addresses.removeTags
to remove unwanted tags such as pct
(percentage).addTagsIfNotExist
key ensures that specific tags are added only if they are missing from the DMARC record.Overriding Existing Tags
none
to quarantine
.v=DMARC1; p=none; rua=mailto:reports@example.com
v=DMARC1; p=quarantine; rua=mailto:reports@example.com
Payload:
Adding New Tags
pct=50
tag to an existing DMARC record.v=DMARC1; p=reject; rua=mailto:reports@example.com
v=DMARC1; p=reject; pct=50; rua=mailto:reports@example.com
Payload:
Removing Tags
rua
(aggregate report) tag.v=DMARC1; p=quarantine; ruf=mailto: forensic@example.com rua=mailto:reports@example.com
v=DMARC1; p=quarantine; ruf=mailto:forensic@example.com
Payload:
Inheriting Root Domain Policy
Payload:
Add Tag Only if Not present
Scenario: Ensure that a domain has a specific DMARC tag set up, but only if it doesn’t already have one set. This example uses the rua
tag, but the approach works for any DMARC tag.
Before (Case 1): v=DMARC1; p=none;
After (Case 1): v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com
Before (Case 2): v=DMARC1; p=none; rua=mailto:existing-reports@example.com
After (Case 2): v=DMARC1; p=none; rua=mailto:existing-reports@example.com
(unchanged)
Payload:
Complex Configuration
v=DMARC1; p=none; pct=100; adkim=s; rua=mailto:old@example.com
v=DMARC1; p=quarantine; pct=50; aspf=s; rua=mailto:new@example.com
Payload:
The new advancedDmarcOptions
feature allows you to configure your DMARC records with greater flexibility and precision. It supports tag overrides, tag removal, inheritance from root domain records, and adding missing tags. This feature ensures better management of DMARC configurations, allowing complex updates in a single request.
When configuring DMARC records, it’s important to ensure that the value
field accurately reflects the desired final DMARC configuration. If the existing DMARC record is invalid, overrides cannot be applied effectively. For example, if a DMARC record is missing a required policy (p
tag) and the user attempts to update the rua
tag, the system will not be able to modify the invalid record. In such cases, the value
provided in the request will be used as-is.
The advancedDmarcOptions
object can be included in your DMARC record configuration. This object supports the following keys:
inheritRootDmarc
: Inherit the DMARC settings from the root domain for subdomains.overrideTags
: Override specific tags in the existing DMARC record or add them if they do not exist.removeTags
: Remove specific tags from the DMARC record.addTagsIfNotExist
: Add tags to the DMARC record only if they are not already present, ensuring certain tags are included without overriding existing values.Here’s an example of a DMARC record using advancedDmarcOptions
:
inheritRootDmarc
is set to true
.overrideTags
object to modify existing DMARC tags. For example, change the policy from none
to quarantine
or update reporting email addresses.removeTags
to remove unwanted tags such as pct
(percentage).addTagsIfNotExist
key ensures that specific tags are added only if they are missing from the DMARC record.Overriding Existing Tags
none
to quarantine
.v=DMARC1; p=none; rua=mailto:reports@example.com
v=DMARC1; p=quarantine; rua=mailto:reports@example.com
Payload:
Adding New Tags
pct=50
tag to an existing DMARC record.v=DMARC1; p=reject; rua=mailto:reports@example.com
v=DMARC1; p=reject; pct=50; rua=mailto:reports@example.com
Payload:
Removing Tags
rua
(aggregate report) tag.v=DMARC1; p=quarantine; ruf=mailto: forensic@example.com rua=mailto:reports@example.com
v=DMARC1; p=quarantine; ruf=mailto:forensic@example.com
Payload:
Inheriting Root Domain Policy
Payload:
Add Tag Only if Not present
Scenario: Ensure that a domain has a specific DMARC tag set up, but only if it doesn’t already have one set. This example uses the rua
tag, but the approach works for any DMARC tag.
Before (Case 1): v=DMARC1; p=none;
After (Case 1): v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com
Before (Case 2): v=DMARC1; p=none; rua=mailto:existing-reports@example.com
After (Case 2): v=DMARC1; p=none; rua=mailto:existing-reports@example.com
(unchanged)
Payload:
Complex Configuration
v=DMARC1; p=none; pct=100; adkim=s; rua=mailto:old@example.com
v=DMARC1; p=quarantine; pct=50; aspf=s; rua=mailto:new@example.com
Payload: