Skip to main content

Documentation Index

Fetch the complete documentation index at: https://jetemail.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

Domain spoofing is a serious threat to email integrity. Attackers impersonate a domain they don’t own to send phishing emails or distribute malware. Three authentication standards work together on the open internet to stop this: DKIM, SPF, and DMARC. JetEmail requires every sending domain to have a DMARC record. The minimum policy that satisfies this requirement is p=none, which monitors authentication results without acting on failures. If no DMARC record is detected for a domain, JetEmail will reject any attempts to send email from that domain.
p=none is the floor, not the goal. It satisfies our minimum requirement and is fine for a few days while you watch DMARC reports come in, but it provides no protection against spoofing. Receivers will deliver fraudulent mail that fails authentication just as readily as legitimate mail. As soon as your reports show all legitimate sources passing, move to p=quarantine and then p=reject.

Required DMARC record

Name: _dmarc.domain.com TTL: 14400 Value: 
v=DMARC1; p=none
This is the minimum that passes our check. A stricter policy also passes, and is what you should aim for once your authentication is clean: 
v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com

v=DMARC1; p=reject; rua=mailto:dmarc@yourdomain.com
Add rua=mailto:... (aggregate report address) so you receive daily reports from major mailbox providers. Use those reports to confirm all of your legitimate senders pass SPF or DKIM alignment before tightening the policy.