How to Set Up DMARC, DKIM, and SPF in Office 365

set up dmarc in office 365

Over the past decades, those who have used a computer must have come into contact with Microsoft Word, Excel, or PowerPoint. Once in our lifetime, we all have sent an email through Outlook or messaged someone on Skype. With digitalization at its zenith, millions of modern businesses rely on these communication methods all over the world. 

DMARC Office 365 is one such popular software that is not just limited to effective communication, creating documents, or balancing books. There is a lot more to Office than many users realise. By having set up DMARC in office 365 you can prevent all the fraudulent emails from getting into your mailbox.  

What is Office 365 and how to Create DMARC Record Office 365? 

Launched in 2001, Office 365 is a cloud-based, subscriptive model version of Microsoft’s well-known productivity suite Microsoft Office. Comprising the same core applications as traditional versions of Office, Office 365 includes Word, PowerPoint, Excel, Outlook, OneNote, and much more. Depending upon the plan you purchase it can also include various other services and apps such as Publisher, Planner, OneDrive, Exchange, SharePoint, Access, Skype, Yammer, and Microsoft Teams.   

For every company that uses Office 365 Exchange Server, it is crucial to implement DMARC, DKIM, and SPF in order to prevent email spoofing and phishing along with improving email deliverability. 

The SPF DMARC DKIM Office 365 has drastically become the most effective standard for productivity software. Millions of companies utilise Office 365 on a daily basis in order to send business emails.  

We have curated a comprehensive guide on how to create DMARC record office 365.

How to create a DMARC record?

A DMARC record is basically a TXT record that helps define your DMARC rulesets. In other words, the DMARC record helps you with the question how to set DMRAC and instructs email receivers as to what exactly it must do if a message fails to deliver because of email authentication issues. 

You can be the controlling power if you know what is DMARC record and by creating it you can decide whether the mailing server should reject, quarantine, or simply do nothing about a message that has failed authentication checks.  

Creating a DMARC record is an important step because it helps you combat cyber threats including phishing, spoofing, and CEO fraud originating from authorized email domains. In order to ensure better and tightened security, make sure to know how to set DMARC along with dkim office 365 and SPF in office 365.

After generating your DMARC record, make sure to follow these simple steps to publish your DMARC record into your Office 365 DNS.

Step 1) Open the Admin centre of Office 354.

Log in to the Admin centre of Office 365.

Step 2) Select Domains. 

Go to the settings menu and select the domains. 

Step 3) Select Office 365 domain.

From the domain menu, you can search, select or add desired office 365 domain for which you are willing to implement DMRAC. 

Step 4) Add DMARC Record 

Once you have selected the desired Office 365 domain, you will be directed to a page along with instructions on how your DNS settings must be set up for your Office 365 services to run smoothly. 

Step 5) Add DMARC Record

Make sure to follow the instructions from Office 365 on how to set up your DNS. Login to your DNS provider and make sure to implement SPF, DKIM, and DMARC for the domain. By taking help from the DMARC Record Generator, you will be able to generate a personalized DMARC record.  

Step 6) First DMARC Reports Will Start Appearing After 72 Hours

After DMARC is set up, you have to wait some time before the first report will arrive in DMARC Analyzer. Only one report is sent each day because of DNS caching and the fact that the ISPs are mostly sent that way. The entire process can take up to 72 hours.  

Introduction to Office 365 Mail Flow 

Office 365 predominantly uses DNS records similar to MX records on domains in order to route emails and messages. 

Once you have signed up for Office 365 with your organization domain, a default account will be created for you that looks somewhat like this: [email protected]. Although you are able to send and receive emails from this account, it’s recommended that you switch to your own domain because that appears more professional. 

How to Set up SPF in Office 365? 

It is crucial to create SPF records for SPF record check and set up SPF in Office 365 as it specifies all your legitimate outgoing email hosts and publishes them in the DNS. 

What is SPF and how to create SPF Record for office 365? 

Depending on the outbound email scenario, you are required to create your SPF check accordingly. 

Scenario 1: If you only use Office 365 Exchange Online in order to send emails on behalf of your organization then in this scenario, all you have to do is include your SPF record like this: 

v=spf1 include: –all 

Scenario 2: If you currently send emails from your on-premises email server then Office 365 is also required to send emails on your behalf. In such scenarios, if you already have an existing SPF record then all you have to do is include the Office SPF record. 

How To Setup DKIM in Office 365?

In order to get a DKIM record check in Office 365, first of all, you need to create 2 CNAME-typed DKIM records on each domain. These records look like the following:

Hostname: selector1._domainkey.CompanyDomainName

Points to:

Hostname: selector2._domainkey.CompanyDomainName

Points to:

For example, if your company’s domain name is, and you have signed up for Office 365 as a company, you need to create these 2 DKIM records:


Points to:


Points to:

Note that in the above Points to values, the CompanyDomainName should match the domain part of the MX record that is generated by Office 365. In this case, company-com in the Points to value should match company-com in

After you have published the DKIM record, give it some time (~10 minutes) for the records to propagate in the DNS.


Q1. What is DMARC policy? 

A DMARC policy is basically a value specified by the p= tag present inside a DMARC record. It incorporates 3 modes such as none, quarantine, and rejects. Email servers depend upon it for the disposition of unauthenticated emails. 

Q2. How do I build or generate or create a DMARC DNS record? 

You can avail GoDMARC’s free tool to create a DMARC record. All you have to do is enter the settings, click on the Generate DMARC Record button and it’s all set. 

Q3. How do I add a DMARC record in DNS?

In order to add a DMARC record, you have to log into your DNS service provider’s dashboard and create a TXT record based on the subject domain. Then set the host to -dmarc and the value should be to the DMARC record.

Explore Our More Tools:


Look Up and validate SPF Record

Learn More

Look Up DKIM Record

Learn More

Look Up DMARC Record

Learn More

Look Up BIMI Record

Learn More