Monitoring DMARC setup

Procedure

1. Go to Outbound Protection → Domain-based Authentication → Domain-based Message Authentication, Reporting and Conformance (DMARC) Monitoring.
2. Go to DMARC Record Check.
3. Optionally specify the search criteria and click Search.
4. Check the DMARC setup status for the managed domains.

   Item	Description
   Managed domain	Domain protected by Trend Micro Email Security. All protected domains are listed in the table.
   Outbound Protection	Whether outbound protection is enabled for the domain. Enabled Disabled To enable outbound protection, go to Domains, click the domain, and select Enable outbound protection on the displayed screen for editing domain information.
   SPF	Whether SPF is enabled for the domain. Enabled Disabled SPF is disabled in either of the following scenarios: No SPF record is available for the domain. The Trend Micro Email Security server is not included in the SPF record. To enable SPF, depending on your scenario, set up an SPF record for the domain or add the Trend Micro Email Security server address to the SPF record for the domain. You can click Disabled to go to the Domains screen and follow the onscreen instructions for SPF setup in the Outbound Servers section. For more information, see Adding SPF records.
   DKIM	Whether DKIM is enabled for the domain. Enabled Disabled DKIM is disabled in any of the following scenarios: The DKIM record is not published or is published incorrectly. The DKIM record is published but is still being propagated. DKIM is enabled after the DKIM record propagation is completed. No DKIM signing policy is created in Trend Micro Email Security. The DKIM signing policy is disabled in Trend Micro Email Security. To enable DKIM, depending on your scenario, check the publish of your DKIM record for the domain, or click Disabled to go to the DKIM Signing screen and create or enable a DKIM signing policy for the domain.
   DMARC	Whether DMARC is enabled for the domain. Enabled The screen also shows the policy tag specified in the DMARC record, which can be none, quarantine, or reject, and whether the policy is inherited from an organizational domain, You can click Enabled to view the details about the published DMARC record. If you want to update the DMARC record, click Modify to generate a new record and publish it to the DNS server. For details about DMARC record options, see Generating a DMARC record. Disabled DMARC is disabled in any of the following scenarios: No DMARC record is available for the domain. No policy tag is specified in the DMARC record. To enable DMARC, depending on your scenario, set up a DMARC record for the domain or specify a policy tag in the DMARC record. Trend Micro Email Security provides a DMARC record generator to facilitate your DMARC setup. You can click Disabled to create a DMARC record for the domain. For details, see Generating a DMARC record.