Skip to main content

Hosted DMARC

The Hosted DMARC page lets you manage your domain's DMARC record through Palisade instead of editing DNS directly. When Hosted DMARC is active, Palisade publishes and maintains the DMARC record on your behalf using a CNAME delegation.

Domain Status

At the top of the page, a status badge indicates the current state:

  • Active — Hosted DMARC is live and the CNAME is verified
  • Verifying — Palisade is waiting for the CNAME to propagate
  • Error — DNS verification failed or the record is misconfigured
  • Inactive — Hosted DMARC is not enabled for this domain

DMARC Record

Displays the current DMARC record that Palisade is publishing. For domains using external DNS, a copyable record is shown so you can add it to your provider.

DMARC Policy Control

Adjust your DMARC enforcement level using the policy slider:

  • None — monitor only, no enforcement. Use this while reviewing DMARC reports to identify legitimate senders.
  • Quarantine — suspicious messages are sent to the recipient's spam folder.
  • Reject — unauthorized messages are blocked entirely.
warning

Do not change the policy to quarantine or reject until you have reviewed your Senders List and resolved all authentication issues. Moving to enforcement too early will cause legitimate email to be sent to spam or rejected. See the Locking Down DMARC guide for a safe approach.

Advanced Options

Fine-tune your DMARC configuration:

  • Subdomain policy — set a separate policy for subdomains (defaults to inheriting the parent policy)
  • Enforcement percentage — control what percentage (0–100%) of failing messages the policy applies to. Start at a low percentage (e.g., 10%) and increase gradually over several days to catch issues before full enforcement.
  • Reporting addresses (rua) — email addresses that receive aggregate DMARC reports
  • SPF alignment — strict or relaxed alignment mode
  • DKIM alignment — strict or relaxed alignment mode

A diff preview shows exactly what will change before you apply updates.

Disabling Hosted DMARC

To stop using Palisade's Hosted DMARC and manage the record yourself:

  1. Click Disable Hosted DMARC at the bottom of the page.
  2. Confirm the action in the dialog.
  3. Remove the CNAME record from your DNS provider and add a standard DMARC TXT record.
warning

Disabling Hosted DMARC without adding a replacement DMARC record to your DNS will leave your domain without a DMARC policy.