Configuring DMARC without SPF

As explained earlier DMARC DOES NOT require both SPF and DKIM protocols to function. 

This means that for your messages to pass DMARC authentication on the receiver’s side, it has to align with either SPF (pass SPF check) or DKIM (pass DKIM check),and not both. 

As soon as your email passes SPF or DKIM identifier alignment, it will automatically pass through the DMARC authentication gateway and safely reach your client’s inbox without being blocked or marked as spam.

This means that to set up DMARC without SPF you need to:

1. Set up DKIM for your domain
2. Set up DMARC for your domain
3. Activate reporting to maintain and monitor deliverability

Setting up DMARC without SPF

Step 1: Create and publish a record for DKIM

While doing so you need to make sure you don’t publish more than a single record for the same domain. This simple mistake can invalidate your record and lead to authentication failures.

Use a DKIM generator to create an instant public-private key pair along with a suitable DKIM selector. Publish this record on your DNS to activate the protocol.

Step 2: Create and publish a record for DMARC

Create a single DMARC record for each of your domains using a DMARC generator and publish it by accessing your DNS. Your record must have a policy defined for it (reject/quarantine/none)

Note that a DMARC reject policy would not hurt your email deliverability, it would rather work as a stronger gateway against impersonation attacks and spoofing. A none policy on the other hand will provide no protection but is beneficial if you’re just starting out and want to simply monitor your results.