- Newest
- Most votes
- Most comments
No, you do not. DMARC aligns your domain with how you want it to be authenticated, and it validares the domain you use in your FROM field in your e-mail. To use DMARC you need to have either SPF or DKIM or both active and installed on your domain.
So if you send an e-mail from <user>@example.com
, where the FROM domain is example.com
then your DMARC TXT record needs to be _dmarc.example.com
DMARC tells receivers how you want them to handle mail received from your domain - perhaps you specify a policy that effectively says "I always sign my email with DKIM and/or has valid SPF records designating the sending IPs for my domain, and if you receive an email that is not validated by one of these mechanisms - discard it""
So chaining your mail-from will make no difference to DKIM signing or any SPF records you may have - and thus you do not need to make any changes to your DMARC policy.
Read this really good block that explains how to use DMARC with SES: https://aws.amazon.com/blogs/messaging-and-targeting/email-authenctication-dmarc-policy/
Relevant content
- asked 4 months ago
- asked 4 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
Thanks so much 🖤