MEDIUMCWE-345Email Security
DMARC Record Missing
Description
Your domain lacks a DMARC policy, meaning receiving mail servers have no guidance on handling unauthenticated emails from your domain.
How Vezraa Detects It
We check for a _dmarc TXT record on your domain and validate its policy (none/quarantine/reject).
Real-World Impact
Without DMARC, attackers can spoof your domain for phishing and BEC (Business Email Compromise) attacks with no way for recipients to detect forgery.
Fix Example
v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com; pct=100; sp=quarantine
Affected Stacks
DNSEmail