Solve DMARC issues The content of the TXT resource record consists of name=value tags, separated by semicolons, similar to SPF and DKIM. For example:

Inspection, eg with:
Points to watch out for:
  1. Reporting to an email address elsewhere requires authorization in that external DNS.
  2. Choosing ‘s(trict)’ instead of default ‘r(elaxed)’, a subdomain also needs authorization.
  3. In a related DNS value ‘v = DMARC1;’ requires a semicolon for successful testing.
  4. Lines with ABNF syntax, as for DMARC, can optionally terminate with a semicolon.
  5. The file size can be limited to eg 10 megabytes with !10m at the end of the email address.
  6. Eg _dmarc and _dmarc.www can derive using ‘CNAME’ set up with:
    ‘TXT v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s;!10m;’ (Request for Comments for DMARC):

For example, if a DMARC policy query for “” contained “”, the host extracted from the latter (“”) does not match “”, so this procedure is enacted. A TXT query for “” is issued. If a single reply comes back containing a tag of “v=DMARC1”, then the relationship between the two is confirmed. (Request for Comments for DKIM):

Formally, the ABNF syntax rules are as follows:

tag-list = tag-spec *( “;” tag-spec ) [ “;” ]
tag-spec = [FWS] tag-name [FWS] “=” [FWS] tag-value [FWS]
tag-value = [ tval ( 1(WSP / FWS) tval ) ]
; Prohibits WSP and FWS at beginning and end
tval = 1*VALCHAR
VALCHAR = %x21-3A / %x3C-7E

Note that WSP is allowed anywhere around tags. In particular, any
WSP after the “=” and any WSP before the terminating “;” is not part
of the value; however, WSP inside the value is significant.