General DNS Setup Guide
No matter which registrar you use (GoDaddy, Cloudflare, Namecheap, AWS Route53), the process for adding DMARC records is similar.
Record Details
SentraDMARC uses Sentra-Link, an entirely CNAME-based delegation strategy. This allows us to manage your security updates automatically without you ever touching DNS again.
| Type | Host / Name | Value |
|---|---|---|
| CNAME | _dmarc | dmarc.[your-unique-link] |
| TXT | @ (Root) | v=spf1 include:spf.[your-unique-link] ~all |
| CNAME | _smtp._tls | tls.[your-unique-link] |
| CNAME | _mta-sts | mta.[your-unique-link] |
| CNAME | mta-sts | policy.yourservice.com |
| CNAME | s1._domainkey | dkim1.[your-unique-link] |
| CNAME | default._bimi | bimi.[your-unique-link] |
Common Gotchas
- Host Name: Some providers (like GoDaddy) only require you to enter the subdomain (e.g.,
_dmarc). Others may require the full host (e.g.,_dmarc.yourdomain.com). - Unique Links: The
[your-unique-link]values shown above are placeholders. You will receive your specific, secure connection strings inside the SentraDMARC dashboard after adding your domain. - Propagation: DNS changes can take anywhere from 5 mins to 48 hours to propagate globally.
- Conflicts: Ensure you do not have any existing TXT records for these hosts (e.g. your old
_dmarcrecord) before switching to Sentra-Link.