The Problem
Standard DNS implementations of SPF, DKIM and DMARC all suffer from the same problems, they are difficult to edit and error-prone, especially so if you control multiple domains across multiple registrars.
The Solution
Dynamic Services (formerly Dynamic DMARC) solves this problem by controlling these records from within the OnDMARC app. Therefore, there is no need to return to the DNS provider to update any email authentication-related records.
This is done by replacing the static DNS records with OnDMARC's smart records, either via NS delegation for DKIM and DMARC and a new smart TXT record for SPF.
Managing these protocols from Dynamic DMARC will provide several benefits for
each.
SPF will benefit from Dynamic SPF's caching and lookup and error handling which adds robustness and removes the 10 lookup limitation from conventional SPF.
DKIM will benefit from notifications of redundant keys and straightforward management.
DMARC will benefit from simpler and error-free updates within the interface, ensuring that your journey to reject is fast and efficient
MTA-STS will provide an easy way to deploy the protocol without needing to setup a server to host the policy.
How to set up Dynamic Services
Visit our setup article for in-depth instructions on how to setup Dynamic Services
FAQ
Does Dynamic Services support BIMI and MTA-STS?
Yes, MTA-STS support is live as of late-April 2022, while BIMI hosting is currently in beta.
What if I don't have DKIM, SPF or DMARC?
If you don't have any of the protocols that can be managed within Dynamic DMARC currently configured then Dynamic DMARC is a great place to start, simply open up the given protocol within the Dynamic DMARC panel, click Configure and add the generated record to your DNS. You are now ready to begin configuring authentication for your legitimate sending services!