SPF/DMARC Record for Inactive Domains

The DMARC framework is not only designed for domains that are actively being used for email exchange, but it is recommended to be used for every domain you own.

For inactive non-email sending domains, it is a recommended best practice to have an SPF and DMARC record on a strict policy. This may seem confusing since those domains are not sending emails.

The issue is, anyone can spoof your domain regardless of what you are using it for, and it will appear genuine since you are the owner of the domain.

It is recommended that you configure SPF with NO IP addresses and a HardFail qualifier v=spf1 -all 


Print