Default DMARC record doesn't disable when a custom one is set?


I have created a custom DMARC policy under a TXT record. However, when querying the domain’s DMARC policy, both my custom record and the mostly useless default one are returned.

This appears to be the same issue that a previous user discussed in a now-locked thread which was handled in private messages, apparently: DMARC with custom content

Am I missing something? Can we publicize the solution? Please forgive me, I’m a bit of a novice here. For this domain, I have custom A records which seamlessly replaced the default ones at the domain and the www subdomain, as I have my website hosted externally.

Edit to add: I thought perhaps if I SSH’d into the box and tried the curl commands for custom DNS records, perhaps I could manually zap the default. But I ran into problems with that, as every time I attempt to use the --user {email address}:{password} format, I get a validity error, which makes no sense as I use only the 1 user on this box, and I can log into the web GUI successfully with the email and password I put into the curl command.

I have found my own solution, and I am placing it here for posterity/anyone else who may encounter this.

When I set my custom DMARC policy, I set “_DMARC.” and this is apparently accepted as valid DMARC policy everywhere I checked (e.g. MXToolbox and the like). However, when I changed it to “_dmarc.” the mail-in-a-box default DMARC policy vanished as expected, and now the lookup tools all return a single DMARC policy for my domain.

Excellent. I hope this post helps someone else!!!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.