dmarc setup for ai agent sender
Step-by-step DMARC setup for AI agents that send email. Learn how SPF, DKIM, and DMARC work together to keep your agent's messages out of spam.
Last month I watched someone burn a perfectly good domain in two days. Their agent sent 400 outreach emails from a new address with no DMARC record, no warm-up, and SPF that pointed to the wrong server. Gmail flagged the domain. Yahoo followed. By Thursday the domain's reputation was so low that even a password reset email from their SaaS product landed in spam.
DMARC isn't optional anymore. Google and Yahoo's 2024 bulk sender requirements made that explicit: if you send more than 5,000 messages a day, you need a published DMARC policy. But even if your agent sends 50 emails a day, a missing DMARC record tells receiving servers you don't care whether someone spoofs your domain. That's not a signal you want to send.
This guide walks through DMARC setup for AI agent senders, from the first DNS record to full enforcement. If you've already got SPF and DKIM in place, you're halfway there. If you don't, we'll cover those too.
How SPF, DKIM, and DMARC work together#
Think of email authentication as three checks that happen before a message reaches anyone's inbox.
SPF (Sender Policy Framework) is a DNS record that lists which servers are allowed to send email for your domain. When your agent sends a message through a mail server, the recipient checks whether that server's IP appears in your SPF record. If it doesn't, the message fails SPF.
DKIM (DomainKeys Identified Mail) is a cryptographic signature attached to every outgoing message. Your sending server signs the email with a private key. The recipient looks up the public key in your DNS and verifies the signature matches. If someone tampered with the message in transit, DKIM fails.
DMARC ties them together. It tells receiving servers what to do when both SPF and DKIM fail, and where to send reports about authentication results. Without DMARC, a receiving server might silently accept a forged email from your domain. With DMARC set to p=reject, that forged email gets dropped.
Here's the part most guides skip: DMARC requires alignment, not just a pass. SPF alignment means the domain in the Return-Path header matches the domain in the From header. DKIM alignment means the domain in the DKIM signature (d= tag) matches the From domain. If your agent sends from agent@yourdomain.com but the Return-Path says bounce@some-other-service.com, SPF might pass but DMARC alignment fails. This is the most common reason agent emails pass individual checks but still land in spam.
How to set up DMARC for an AI agent sender (step-by-step)#
- Publish a TXT record at
_dmarc.yourdomain.comwithv=DMARC1; p=none; rua=mailto:dmarc-reports@yourdomain.comto start collecting reports without affecting delivery. - Send test emails from your agent and monitor aggregate reports for one to two weeks, looking for SPF or DKIM alignment failures.
- Confirm that every legitimate sending path (your agent's email platform, transactional services, marketing tools) is properly SPF and DKIM aligned with your From domain.
- Upgrade your policy to
p=quarantineand monitor for another two weeks, checking that no legitimate mail is being flagged. - Advance to
p=rejectfor full enforcement once you're confident all legitimate senders are aligned.
Each step matters. Jumping straight to p=reject on a domain where your agent sends through multiple services is how you accidentally quarantine your own emails.
The DNS records you actually need#
For a domain called yourdomain.com, you'll need three TXT records.
SPF record (on yourdomain.com):
v=spf1 include:your-email-provider.com -all
Replace your-email-provider.com with whatever service your agent uses to send. The -all at the end means "reject everything not listed." If your agent sends through multiple services, add each one with a separate include:.
DKIM record (on selector._domainkey.yourdomain.com):
v=DKIM1; k=rsa; p=YOUR_PUBLIC_KEY_HERE
Your email provider gives you the selector name and the public key. You paste them into DNS. The private key stays on the sending server and signs every outgoing message.
DMARC record (on _dmarc.yourdomain.com):
v=DMARC1; p=none; rua=mailto:dmarc-reports@yourdomain.com; ruf=mailto:dmarc-forensic@yourdomain.com; adkim=r; aspf=r
The rua address receives aggregate reports (daily summaries of authentication results). The ruf address receives forensic reports (details about individual failures). Some providers don't send forensic reports, so rua is the one that matters. The adkim=r and aspf=r tags set relaxed alignment, meaning subdomains can align with the parent domain. This is usually what you want for agent deployments.
Why agents create unique DMARC alignment problems#
A human sends email from one account through one provider. An AI agent might send from multiple inboxes, across multiple workflows, at variable volumes that spike unpredictably. Each sending path needs to be aligned independently.
Consider a common pattern: your agent provisions an inbox, sends a few welcome emails, then goes quiet for a week, then sends 200 follow-ups in an afternoon. Receiving servers notice these volume spikes. Without authentication in place, that kind of pattern looks a lot like a compromised account or a spam bot.
Multi-tenant deployments add another layer. If your agent sends on behalf of multiple customers, each customer's domain needs its own DMARC setup. You can't publish one SPF record that covers all of them. This is where subdomain policies (sp= in your DMARC record) become useful. Setting sp=reject on the organizational domain while using p=quarantine on agent-specific subdomains gives you enforcement at the top level with room to monitor new sending patterns on subdomains.
Or you skip all of that complexity. Managed inbox platforms like LobsterMail ship with SPF, DKIM, and DMARC pre-configured on every inbox your agent provisions. Your agent calls createInbox(), gets an address with authentication already passing, and starts sending. No DNS records to edit, no alignment to debug. The trade-off is you're sending from LobsterMail's domain (or a custom domain you've verified), not from agent@yourcustomdomain.com with self-managed DNS. For most agent builders, that trade-off saves a week of setup.
Reading DMARC aggregate reports#
DMARC reports arrive as XML files attached to emails sent to your rua address. They look terrible in raw form, but the data is straightforward.
Each report tells you: which IPs sent email claiming to be from your domain, whether SPF passed or failed, whether DKIM passed or failed, and what disposition was applied (none, quarantine, or reject). If you see an IP you don't recognize sending as your domain, someone is spoofing you. If you see your agent's IP failing DKIM, your signing configuration is wrong.
Free tools like the Postmark DMARC analyzer or MXToolbox's DMARC report parser turn these XML files into readable dashboards. Set one up during your p=none monitoring phase so you're actually looking at the data, not just collecting it.
Moving from p=none to p=reject#
The monitoring phase isn't a formality. I've seen teams discover that their CRM, their transactional email service, and their agent platform were all sending as the same domain with only one of them in the SPF record. If they'd started at p=reject, two thirds of their email would have bounced.
Here's a reasonable timeline:
- Weeks 1-2 (p=none): Collect reports. Identify every service that sends as your domain. Fix any SPF or DKIM alignment failures.
- Weeks 3-4 (p=quarantine): Failed messages go to spam instead of being delivered normally. Watch for complaints from recipients who should be getting your email.
- Week 5+ (p=reject): Full enforcement. Unauthenticated messages are dropped. Your domain is protected from spoofing.
Two weeks per phase is a minimum. If your agent's sending volume is low, you might need longer to collect enough report data. If you're sending thousands of messages a day, two weeks gives you plenty of signal.
One thing worth noting: DMARC records propagate through DNS, which means changes can take up to 48 hours to take effect globally. Don't change your policy at 9 AM and assume it's live everywhere by noon.
Recovering from a damaged sender reputation#
If your agent has been sending without DMARC for a while and your domain reputation is already low, adding DMARC alone won't fix things overnight. Reputation is built on consistent, authenticated, low-complaint sending over time.
Start by fixing authentication (the steps above). Then reduce your agent's sending volume to a fraction of what it was. Gradually increase over two to four weeks while monitoring bounce rates and spam complaints. This is essentially a warm-up process, and it works the same whether you're warming a new domain or rehabilitating a damaged one.
If your domain reputation is truly buried, it might be faster to move your agent to a new subdomain (like mail.yourdomain.com), set up clean authentication from the start, and warm it up properly. The old subdomain's reputation doesn't automatically infect the new one, as long as the new one has its own SPF, DKIM, and DMARC records.
The simpler path#
Everything above is the right way to do it yourself. It works. It's also a week of DNS record management, report monitoring, and policy iteration before your agent sends a single authenticated email.
If you'd rather skip the DNS configuration, . Every inbox comes with SPF, DKIM, and DMARC passing out of the box. Your agent spends its time sending email instead of debugging TXT records.
Frequently asked questions
What is DMARC and why does every AI agent that sends email need it?
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a DNS-published policy that tells receiving mail servers how to handle messages failing SPF and DKIM checks. Without it, anyone can forge your domain in the From header, and receiving servers have no instruction to reject those forgeries. For AI agents, a missing DMARC record almost guarantees deliverability problems with Gmail and Yahoo.
What DMARC policy should an AI agent start with?
Start with p=none. This collects authentication reports without affecting delivery, so you can identify all legitimate sending paths before enforcing anything. Jumping to p=reject without monitoring first risks blocking your own agent's emails.
How long should I monitor DMARC reports before enforcing a stricter policy?
At least two weeks at p=none, then two weeks at p=quarantine. If your agent sends low volume, you may need three to four weeks per phase to collect enough data. The goal is to confirm every legitimate sender is aligned before moving to reject.
Will my AI agent's emails go to spam if I don't have a DMARC record?
They might. Gmail and Yahoo now require DMARC for bulk senders, and even low-volume senders benefit from having a record. A missing DMARC record doesn't guarantee spam placement, but it removes a trust signal that helps your email reach the inbox.
Does setting up DMARC require editing DNS records, or can a platform handle it?
Self-managed DMARC requires adding TXT records to your domain's DNS. Managed email platforms like LobsterMail handle SPF, DKIM, and DMARC automatically on every inbox, so your agent can skip DNS configuration entirely.
What is the difference between SPF alignment and DKIM alignment in DMARC?
SPF alignment checks that the Return-Path domain matches the From domain. DKIM alignment checks that the DKIM signature domain (d= tag) matches the From domain. DMARC passes if at least one of these alignments succeeds. Relaxed mode (adkim=r, aspf=r) allows subdomains to align with the parent domain.
Why does my AI agent's email pass SPF and DKIM but still land in spam?
Passing SPF and DKIM individually isn't enough. DMARC requires alignment, meaning the authenticated domain must match the From header domain. If your agent sends from agent@yourdomain.com but SPF authenticates bounce@mailservice.com, SPF passes but alignment fails. Spam filters also consider reputation, content, and sending patterns beyond authentication.
Do Google and Yahoo's 2024 bulk sender requirements apply to AI agents sending automated emails?
Yes. The requirements apply to anyone sending more than 5,000 messages per day to Gmail or Yahoo addresses. They mandate SPF, DKIM, DMARC (at minimum p=none), one-click unsubscribe for marketing messages, and spam complaint rates below 0.3%. AI agents that send at scale must comply.
What is a DMARC aggregate report (rua) and how do I use it to fix authentication failures?
An aggregate report is a daily XML summary sent to the email address in your DMARC record's rua tag. It shows which IPs sent email as your domain, whether SPF and DKIM passed, and what percentage of messages were aligned. Use a free tool like Postmark's DMARC analyzer to parse these reports and identify misconfigured senders.
Can one AI agent send email on behalf of multiple domains, and how does DMARC handle that?
Each domain needs its own SPF, DKIM, and DMARC records. Your agent can send from multiple domains, but authentication must be configured independently per domain. Using per-customer subdomains with a parent-level sp= policy is a common pattern for multi-tenant agent deployments.
What happens to emails if I set DMARC to p=reject too early?
Any email that fails both SPF and DKIM alignment will be silently dropped by the receiving server. If your agent sends through a service that isn't in your SPF record, or DKIM signing isn't configured, those messages disappear. This is why monitoring with p=none first is worth the time.
How does LobsterMail handle DMARC automatically?
Every inbox provisioned through LobsterMail comes with SPF, DKIM, and DMARC already configured and passing. Your agent doesn't need to touch DNS records. If you add a custom domain, LobsterMail provides the exact DNS records to add and verifies them before sending is enabled.
Should I use a subdomain policy (sp=) if my AI agent sends from a subdomain?
If your agent sends from something like mail.yourdomain.com, setting sp=reject on the parent domain's DMARC record enforces policy on all subdomains. This is useful when you want strict enforcement on your main domain while giving agent subdomains their own policy through a separate _dmarc.mail.yourdomain.com record.
How does DMARC protect my domain from being spoofed by other senders?
With p=reject, any email claiming to be from your domain that fails authentication is dropped by the receiving server. Without DMARC, a bad actor can put your domain in the From header and most servers will deliver the message. DMARC is the only standard mechanism that lets you instruct receiving servers to reject unauthenticated use of your domain.
What tools can I check whether my sending domain has valid DMARC?
Run dig TXT _dmarc.yourdomain.com in your terminal. You can also use MXToolbox or mail-tester.com (send a test email, get a full report). These tools show whether your DMARC, SPF, and DKIM records are valid and properly configured.
