To make the HelpDesk contact form work properly, adjust the DMARC policy from aspf=s (strict) to aspf=r (relaxed).
This change allows subdomains to meet SPF requirements, facilitating smoother email authentication without significantly compromising security.
Differences between relaxed and strict alignment
- Relaxed alignment (aspf=r): Permits subdomains to satisfy SPF, giving greater flexibility.
- Strict alignment (aspf=s): Requires exact domain matches, improving security but reducing flexibility.
To adjust the DMARC policy, follow these steps:
- Access DNS management. Log in to your domain registrar or DNS hosting provider.
- Locate DMARC record. Find the current DMARC record in your DNS settings. It typically looks like _dmarc.yourdomain.com.
- Edit DMARC policy. Change the aspf tag from aspf=s (strict) to aspf=r (relaxed). The updated record should look something like this: v=DMARC1; p=none; sp=none; aspf=r;
- Save changes. Save the updated DNS settings.
Read the following example to fully understand the process.
Relaxed SPF alignment:
- DMARC Record: v=DMARC1; p=none; rua=mailto:dmarc-alert@example.com; aspf=r;
- From Address: sales@marketing.example.com
- Return Path: marketing.example.com
- Result: SPF is relaxedly aligned.
Relaxed DKIM alignment:
- DMARC Record: v=DMARC1; p=none; rua=mailto:dmarc-alert@example.com; adkim=r;
- From Address: sales@marketing.example.com
- DKIM Domain: example.
- Result: DKIM is relaxedly aligned.