You can set up DMARC without the SPF or DKIM Bluehost, but it will be useless because these are the prerequisites. DMARC (Domain-based Message Authentication, Reporting & Conformance) is a one-line entry in the domain’s DNS record. Follow this guide if you choose Bluehost as your hosting provider.

DMARC gives the email receivers better judgment control considering the sending domain’s reputation. It offers a platform where the sender can define policies to improve protection against phishing and spam emails, thus, building domain reputation. DMARC also helps define guidelines to address messages which do not align with the policies published by the sender domains.

DMARC aims to:

  • Reduce false negatives
  • Provide authentication reports
  • Define sender policies for the receiving end
  • Reduce phishing
  • Be scalable

Do I Need to Publish SPF and DKIM records?

The sender domain must publish an SPF and DKIM record before starting with DMARC. After you put into place the SPF and DKIM records, you can move to configure the DMARC by defining policies in the domain’s TXT records ( similar to how you defined and published the SPF and DKIM Bluehost). After publishing the DMARC record, your record name will read something similar to “_dmarc.your-domain.com.” 

After the Bluehost verification, your DMARC policies will be published as TXT records and define what to do if a non-aligned mail arrives.

How Do I Publish DMARC Records for Bluehost?

  1. Log in to the cPanel and navigate to the user account on Bluehost.
  2. Next, click on “DNS Zone Editor.”
  3. Select the domain that you need to update or edit. You will get redirected to the DNS Zone Editor.
  4. Select “Add Record” and publish your DMARC record. If there is a previous DMARC record, edit that record instead of creating a new one. Multiple DNS records will cause errors.
  5. Fill up the fields in the Modify DNS zone as follows:
  • In the field named “Host Record,” you must enter “_dmarc”
  • In the field “TTL” (for example, 2 hours), enter the TTL Value of your choice
  • In the field “Type” you must select TXT
  • Type the DMARC TXT record in the field “Points To”
  • Select “Add Record”
  • After finishing these steps, the DMARC records will get published successfully in the DNS and appear within 72 hours in the records.

I keep getting a “No DMARC record found” message. What does it signify?

When you see errors like “No DMARC record found,” “DMARC record is missing,” or “DMARC record not found,” it means that your domain is missing the most powerful and effective email authentication mechanism – DMARC. Attackers can send a phishing email from the same domain mentioned in the “From” field because SMTP doesn’t offer any protection from fake “From” addresses by default.

Final Words

Your domain must have email authentication mechanisms in place to prevent email spoofing. You might have deployed the SPF and DKIM mechanisms, but these alone cannot stop your domain’s impersonation and prevent email spoofing comprehensively. Domain-based Message Authentication, Reporting & Conformance (DMARC) combines the advantages of SPF and DKIM and offers inclusive protection from email spoofing.